Course

Defend against cyberthreats with Microsoft Defender XDR – Intensive Training («SC5X4»)

Implement the Microsoft Defender for Endpoint environment to manage devices, perform investigations on endpoints, manage incidents in Defender XDR, and use Advanced Hunting with Kusto Query Language (KQL) to detect unique threats.

Vendor code: SC-5004
Duration: 1 day
Price: 900.–
Course documents: Official Microsoft Courseware on Microsoft Learn

Course facts

Key Learnings
  • Managing and investigating incidents in Microsoft Defender and Microsoft Defender XDR
  • Conducting advanced hunting in Microsoft Defender
  • Creating a Microsoft Defender for Endpoint environment
  • Onboarding devices to be monitored by Microsoft Defender for Endpoint
  • Configuring alert settings and advanced features in Microsoft Defender for Endpoint
  • Managing automation settings in Microsoft Defender for Endpoint
  • Describing device forensics information collected by Microsoft Defender for Endpoint
  • Describing behavioral blocking by Microsoft Defender for Endpoint
Content

1 Mitigate incidents using Microsoft Defender
Learn how the Microsoft Defender portal provides a unified view of incidents from the Microsoft Defender family of products.

2 Deploy the Microsoft Defender for Endpoint environment
Learn how to deploy the Microsoft Defender for Endpoint environment, including onboarding devices and configuring security.

3 Configure for alerts and detections in Microsoft Defender for Endpoint
Learn how to configure settings to manage alerts and notifications. You'll also learn to enable indicators as part of the detection process.

4 Configure and manage automation using Microsoft Defender for Endpoint
Learn how to configure automation in Microsoft Defender for Endpoint by managing environmental settings.

5 Perform device investigations in Microsoft Defender for Endpoint
Microsoft Defender for Endpoint provides detailed device information, including forensics information. Learn about information available to you through Microsoft Defender for Endpoint that aids in your investigations.

6 Defend against Cyberthreats with Microsoft Defender XDR lab exercises
In this module, you learned how to configure Microsoft Defender XDR, deploy Microsoft Defender for Endpoint, and onboard devices. You also configured policies, mitigated threats and responded to incidents with Defender XDR.

Target audience
This course is designed for Azure Administrators and Security Engineers.
Requirements
  • Experience using the Microsoft Defender portal
  • Basic understanding of Microsoft Defender for Endpoint
  • Basic understanding of Microsoft Sentinel
  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel

We currently do not have any dates scheduled.

But we can arrange one for you. We will be happy to advise you individually on your course planning.
