Mastering Microsoft 365 security administration with Microsoft Defender XDR
Provided by QA
Overview
This three-day instructor led course will provide delegates with the knowledge and skills to deploy and administer Microsoft 365 Defender to protect against cyber threats. Delegates will learn how to configure security across messaging and collaboration tools, devices, identities and applications. They will also learn how to use the service to detect possible ongoing attacks and block them.
This course was designed for people who work in a security administrator job role or a general purpose administrator role with a responsibility to ensure that their Microsoft 365 environment is secure.
+
Prerequisites
Important - This course has MFA Requirements. Please read this link and download the MFA app , prior to attending.
+
Delegates will learn how to
Outline
LP1 - Overview of Microsoft 365 Defender
Cyber security attacks
Review
LP2 - Configuring Defender for Office 365
Threats and protection
Review
LP3 - Deploying and configuring Defender for Endpoint
Exploring the service
Protecting endpoints
Review
LP4 - Deploying Defender for Identity
Deploying the sensor
Review
LP5 - Configuring Defender for Cloud Apps
Connecting to apps and logs
Review
LP6 - Investigating and responding to threats
Responding to incidents
Review
+
This three-day instructor led course will provide delegates with the knowledge and skills to deploy and administer Microsoft 365 Defender to protect against cyber threats. Delegates will learn how to configure security across messaging and collaboration tools, devices, identities and applications. They will also learn how to use the service to detect possible ongoing attacks and block them.
This course was designed for people who work in a security administrator job role or a general purpose administrator role with a responsibility to ensure that their Microsoft 365 environment is secure.
+
Prerequisites
Important - This course has MFA Requirements. Please read this link and download the MFA app , prior to attending.
- An understanding of core technical concepts, including DNS, Networking, Identities, and software deployment methods
- An understanding of common security threats and attacks such as malware, phishing, ransomware and software exploits
- Experience with Microsoft 365 components including Azure Active Directory, Exchange, Teams, OneDrive and SharePoint
- Experience with managing Active Directory Domain Services, Group Policy and Windows clients
+
Delegates will learn how to
- How to license the services and navigate the Microsoft 365 Defender portal
- How to configure Defender for Office 365 capabilities to protect messaging and collaboration services against threats such as malware or phishing
- How to deploy Defender for Endpoint to devices, and protect them against threats such as malware, ransomware and software exploits
- How to deploy Defender for Identity to an on-premises Active Directory to protect it from threats against identities, such as stealing credentials and gaining admin control of the domain
- How to implement threat detection policies in Defender for Cloud Apps to provide alerts on unusual application behaviours which are often indicators of an attack
- How to investigate security incidents using the Microsoft 365 Defender portal and use remediation actions to block the attack
Outline
LP1 - Overview of Microsoft 365 Defender
Cyber security attacks
- Zero Trust model
- MITRE ATT&CK framework
- Example attack chain
- Services overview
- License requirements
- Administration
- Microsoft Secure Score
Review
LP2 - Configuring Defender for Office 365
Threats and protection
- Protection against known threats
- Email authentication to prevent spoofing
- Protection against unknown threats
- Policies and recommended settings
- Managing the quarantine
- Advanced delivery policies
- Types of simulation
- Create and run a simulation
Review
LP3 - Deploying and configuring Defender for Endpoint
Exploring the service
- Capabilities
- Defender Vulnerability Management
- General settings
- Permissions
- Onboarding
Protecting endpoints
- Next-generation protection
- Attack surface reduction
Review
LP4 - Deploying Defender for Identity
Deploying the sensor
- Creating the service accounts
- Installing the sensor
- Entity tags
- Assessments
- Securing accounts
- Securing authentication protocols
Review
LP5 - Configuring Defender for Cloud Apps
Connecting to apps and logs
- Connecting to Office 365
- Cloud Discovery
- Admin roles
- Importing user groups
- Creating policies
Review
LP6 - Investigating and responding to threats
Responding to incidents
- Managing incidents
- Remediate
- Automated investigation and response
- Creating queries
- Kusto query language (KQL)
Review
+
Enquire
Start date | Location / delivery | |
---|---|---|
07 Oct 2024 | QA On-Line Virtual Centre, Virtual | Book now |
01132207150
01132207150