1-Day Instructor-Led Training
Microsoft Official Content
Hands On Labs
After-Course Instructor-Coaching Included
Defend against cyberthreats with Microsoft Defender XDR (SC-5004)
Course 8741
- Duration: 1 day
- Language: English
- Level: Intermediate
This hands-on course teaches Security Operations Analysts how to implement Microsoft Defender XDR to detect, investigate, and mitigate cyberthreats. Learn how to deploy Microsoft Defender for Endpoint, configure security settings, manage incidents, automate responses, and use Advanced Hunting with Kusto Query Language (KQL) to identify and respond to threats in real time. Gain practical experience in securing endpoints, managing alerts, and improving your organization’s security posture.
Defend Against Cyberthreats Course Delivery Methods
In-Person
Online
Upskill your whole team by bringing Private Team Training to your facility.
Defend Against Cyberthreats Course Information
In this course, you will:
- Gain expertise in Microsoft Defender XDR for threat detection and response.
- Learn to deploy and manage Microsoft Defender for Endpoint environments.
- Configure security alerts, automated investigations, and response policies.
- Utilize Advanced Hunting with KQL to detect unique threats.
- Investigate incidents, alerts, and forensic data using Microsoft Defender tools.
- Enhance security automation and policy enforcement across devices.
Prerequisites
- Experience using the Microsoft Defender portal
- Basic understanding of Microsoft Defender for Endpoint
- Basic understanding of Microsoft Sentinel
- Experience using Kusto Query Language (KQL) in Microsoft Sentinel
Defend Against Cyberthreats Course Training Outline
Module 1: Mitigate Incidents Using Microsoft Defender
- Navigating the Microsoft Defender portal and managing incidents.
- Investigating alerts, sign-in logs, and security reports.
- Utilizing Microsoft Secure Score and Threat Analytics.
- Performing Advanced Hunting to detect threats.
Module 2: Deploy the Microsoft Defender for Endpoint Environment
- Setting up Microsoft Defender for Endpoint.
- Onboarding and managing devices across operating systems.
- Configuring role-based access control (RBAC) and device groups.
- Enabling advanced security features for endpoint protection.
Module 3: Configure Alerts and Detections in Microsoft Defender for Endpoint
- Managing alert notifications and suppression settings.
- Configuring threat indicators and detection rules.
- Customizing security policies for threat mitigation.
Module 4: Configure and Manage Automation Using Microsoft Defender for Endpoint
- Automating incident response and remediation.
- Managing upload settings and folder security.
- Blocking at-risk devices to prevent breaches.
Module 5: Perform Device Investigations in Microsoft Defender for Endpoint
- Using device inventory to track and investigate endpoint activity.
- Leveraging behavioral blocking and device discovery tools.
- Conducting forensic analysis on compromised devices.
Module 6: Hands-On Lab – Defend Against Cyberthreats with Microsoft Defender XDR
- Configuring the Microsoft Defender XDR environment.
- Deploying and integrating Microsoft Defender for Endpoint.
- Mitigating attacks and responding to real-world cybersecurity threats.
Defend Against Cyberthreats Course FAQs
No. Applied Skills credentials are not replacing Certifications. We are expanding our credentialing portfolio to better meet the needs of our learners and customers by allowing people to validate very specific skill sets with this new offering.
Certifications are role-based and evaluate a broader range of skills needed to be successful in critical roles that organizations need to be successful in today’s rapidly changing technical environment.
Applied Skills credentials are scenario-based and evaluate a narrower skill set specific to a critical business problem or challenge that organizations are facing.
If you want to demonstrate that you have the range of skills needed to succeed in a given job role, a Certification is the right way to go. If you want to validate your skills on a specific business problem or scenario your organization faces, an Applied Skills credential will make more sense.
Here are some key differentiators between Certifications and Applied Skills:
- Breadth of skills validated: Certifications typically validate 4-6 skill sets, while Applied Skills validate one specific skill set.
- Focus: Certifications are job role-based, while Applied Skills are product-based.
- Purpose: Certifications are intended to validate skills needed for the technical aspects of job roles that leverage Microsoft solutions and technologies. Applied Skills are intended to validate specific scenarios that may be hindering an organization’s digital transformation goals.
Many of the Applied Skills credentials can be used to help you prepare for Certification exams. Because Applied Skills are awarded based on performance within a lab, that experience may set you up for success on a Certification. All role-based Certification exams require experience, so earning an Applied Skills credential is one way to get some of the experience needed to pass the exam. However, not all skills assessed on a Certification exam will have an associated Applied Skills assessment lab, so you should not rely on Applied Skills alone. Visit how to prepare for a Certification exam.
If you want to demonstrate that you have skill sets that were not assessed by the Certification, are Certification “adjacent,” or are needed for a specific project that you would like to do or are working on, an Applied Skills credential would be a great way to show your employer and peers that you have those skills and the skills validated by your Certification.
It depends on your technical expertise and why you want to earn a Microsoft credential.
If you are exploring technology or just beginning your learning journey in technology, starting with a fundamentals certification makes the most sense because it focuses on ensuring you have the foundational knowledge you need to get started in technology.
If you have experience and want to explore how Microsoft technologies and solutions are used to solve critical business problems, an Applied Skills credential is a great way to validate fundamental world skills focused on specific projects or scenarios.
If you have some experience and are pursuing a job that leverages Microsoft solutions, a role-based certification is the logical solution to validate role-based skills. Note that some Applied Skills credentials relate to our certifications and may provide another way to prepare for a certification exam.