Microsoft Defender Course With Hands On Training And Sims

Posted By: ELK1nG

Published 11/2023
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 5.73 GB | Duration: 8h 51m

Learn how to expertly administer Microsoft Defender XDR (formerly Microsoft 365 Defender) with hands on experience!

What you'll learn

Learn the concepts and perform hands on activities needed to master Microsoft Defender XDR (formerly Microsoft 365 Defender)

Gain a tremendous amount of knowledge involving Microsoft Defender XDR (formerly Microsoft 365 Defender)

Learn using hands on simulations on how Microsoft Defender XDR (formerly Microsoft 365 Defender) is administered!

Learn how to set up your own test lab for practicing the concepts!

Requirements

Willingness to put in the time and practice the steps shown in the course

Description

We really hope you'll agree, this training is way more than the average course on Udemy! Have access to the following:

- Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
- Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
- Instructor led hands on and simulations to practice that can be followed even if you have little to no experience

TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:

Introduction
- Welcome to the course
- Understanding the Microsoft Environment
- Foundations of Active Directory Domains
- Foundations of RAS, DMZ, and Virtualization
- Foundations of the Microsoft Cloud Services
- DONT SKIP: The first thing to know about Microsoft cloud services
- DONT SKIP: Azure AD is now renamed to Entra ID
- Questions for John Christopher

Performing hands on activities
- DONT SKIP: Using Assignments in the course
- Creating a free Microsoft 365 Account
- Activating licenses for Defender for Endpoint and Vulnerabilities
- Getting your free Azure credit

Basic concepts of the Microsoft Defender Suite and Services
- The Microsoft 365 Defender Suite
- Using the Defender and Purview admin centers

Microsoft Defender for Office 365
- What is Microsoft Defender for Office 365?
- Implementing policies for uses in Email, SharePoint, OneDrive, and Teams
- Dealing with threats using Defender for Office 365
- Performing a campaign email attack simulation in Microsoft Defender

Microsoft Defender for Cloud Apps and Data Loss Prevention (DLP)
- Understanding the concepts of Microsoft Defender for Cloud Apps
- Investigating security risks in Defender for Cloud Apps
- Concepts of data loss prevention in Microsoft Defender
- Alerts with data loss prevention policies (DLP)
- Data loss prevention (DLP) policy alert investigation

Microsoft Defender for Endpoint and Defender Vulnerability Management
- Understanding Microsoft Defender for Endpoint concepts
- Deploy a Windows 11 VM endpoint
- Attack surface reduction (ASR) support with Intune
- Working with device onboarding regarding Defender for Endpoint
- Something to be aware of about extra features
- Endpoint advanced features, alerts and incidents
- Endpoint vulnerabilities
- Device attack surface reduction (ASR)
- Device groups with Defender for Endpoint
- Microsoft Defender Vulnerability Management risk identification
- Endpoint threat indicators
- Device discovery of unmanaged devices

Microsoft Defender for Identity
- Microsoft Entra ID security risk mitigation
- Concepts of using Microsoft Entra Identity Protection
- Microsoft Entra Identity Protection security risk mitigation
- Microsoft Entra Identity Protection risks in regards to Microsoft Defender
- Microsoft Defender for Identity concepts
- Using Defender for Identity to mitigate threats with AD DS

Microsoft 365 Defender as an Extended Detection and Response (XDR)
- Visualizing the concepts of extended detection and responses (XDR)
- Configuring the Microsoft 365 Defender simulation lab
- Performing an attack using the simulation lab
- Microsoft 365 Defender incidents and automated investigations
- Microsoft 365 Defender action and submissions
- Using Kusto Query Language (KQL) for threat identification
- Microsoft Secure Score
- Microsoft 365 Defender threat analytics
- Custom detections and alerts

Getting started w/ Defender for Cloud, Defender for Servers & Defender for DevOps
- Introduction to Microsoft Defender for Cloud
- Regulatory compliance policies along with MCSB
- Remediation's with secure score in Microsoft Defender for Cloud
- Microsoft Defender for Servers
- Microsoft Defender for DevOps
- Microsoft Defender External Attack Surface Management (EASM)

Microsoft Defender for Cloud full management and configurations
- Settings config in Microsoft Defender for Cloud
- Roles in Microsoft Defender for Cloud
- Cloud workload protection
- Automation of onboarding Azure resource
- Azure Arc connections
- Multi-cloud connections
- Email notifications in Microsoft Defender for Cloud
- Using alert suppression rules
- Workflow automation configuration in Defender for Cloud
- Using sample alerts and incidents
- Using Microsoft Defender for Cloud recommendations
- Security alerts and incidents in Microsoft Defender for Cloud
- Using threat intelligence reports with Microsoft Defender for Cloud

Dealing with insider risks in Microsoft 365
- Concepts of insider risk policies
- Insider risk policy generation
- Insider risk policy alert investigation

Audit and search capabilities in Microsoft Defender and Microsoft Purview
- Licensing of unified audit logging
- Permissions for unified auditing
- Threat hunting with unified audit logging
- Threat hunting with Content Searches

Conclusion
- Cleaning up your lab environment
- Getting a Udemy certificate
- BONUS Where do I go from here?

Overview

Section 1: Introduction

Lecture 1 Welcome to the course!

Lecture 2 Understanding the Microsoft Environment

Lecture 3 Foundations of Active Directory Domains

Lecture 4 Foundations of RAS, DMZ, and Virtualization

Lecture 5 Foundations of the Microsoft Cloud Services

Lecture 6 DONT SKIP: The first thing to know about Microsoft cloud services

Lecture 7 DONT SKIP: Azure AD is now renamed to Entra ID

Lecture 8 Questions for John Christopher

Section 2: Performing hands on activities

Lecture 9 DONT SKIP: Using Assignments (SIMULATIONS) in the course

Lecture 10 Creating a free Microsoft 365 Account

Lecture 11 Activating licenses for Defender for Endpoint and Vulnerabilities

Lecture 12 Getting your free Azure credit

Section 3: Basic concepts of the Microsoft Defender Suite and Services

Lecture 13 The Microsoft 365 Defender Suite

Lecture 14 Using the Defender and Purview admin centers

Section 4: Microsoft Defender for Office 365

Lecture 15 What is Microsoft Defender for Office 365?

Lecture 16 Implementing policies for uses in Email, SharePoint, OneDrive, and Teams

Lecture 17 Dealing with threats using Defender for Office 365

Lecture 18 Performing a campaign email attack simulation in Microsoft Defender

Section 5: Microsoft Defender for Cloud Apps and Data Loss Prevention (DLP)

Lecture 19 Understanding the concepts of Microsoft Defender for Cloud Apps

Lecture 20 Investigating security risks in Defender for Cloud Apps

Lecture 21 Concepts of data loss prevention in Microsoft Defender

Lecture 22 Alerts with data loss prevention policies (DLP)

Lecture 23 Data loss prevention (DLP) policy alert investigation

Section 6: Microsoft Defender for Endpoint and Defender Vulnerability Management

Lecture 24 Understanding Microsoft Defender for Endpoint concepts

Lecture 25 Deploy a Windows 11 VM endpoint

Lecture 26 Attack surface reduction (ASR) support with Intune

Lecture 27 Working with device onboarding regarding Defender for Endpoint

Lecture 28 Something to be aware of about extra features

Lecture 29 Endpoint advanced features, alerts and incidents

Lecture 30 Endpoint vulnerabilities

Lecture 31 Device attack surface reduction (ASR)

Lecture 32 Device groups with Defender for Endpoint

Lecture 33 Microsoft Defender Vulnerability Management risk identification

Lecture 34 Endpoint threat indicators

Lecture 35 Device discovery of unmanaged devices

Section 7: Microsoft Defender for Identity

Lecture 36 Microsoft Entra ID security risk mitigation

Lecture 37 Concepts of using Microsoft Entra Identity Protection

Lecture 38 Microsoft Entra Identity Protection security risk mitigation

Lecture 39 Microsoft Entra Identity Protection risks in regards to Microsoft Defender

Lecture 40 Microsoft Defender for Identity concepts

Lecture 41 Using Defender for Identity to mitigate threats with AD DS

Section 8: Microsoft 365 Defender as an Extended Detection and Response (XDR)

Lecture 42 Visualizing the concepts of extended detection and responses (XDR)

Lecture 43 Configuring the Microsoft 365 Defender simulation lab

Lecture 44 Performing an attack using the simulation lab

Lecture 45 Microsoft 365 Defender incidents and automated investigations

Lecture 46 Microsoft 365 Defender action and submissions

Lecture 47 Using Kusto Query Language (KQL) for threat identification

Lecture 48 Microsoft Secure Score

Lecture 49 Microsoft 365 Defender threat analytics

Lecture 50 Custom detections and alerts

Section 9: Getting started w/ Defender for Cloud, Defender for Servers & Defender for DevOps

Lecture 51 Introduction to Microsoft Defender for Cloud

Lecture 52 Regulatory compliance policies along with MCSB

Lecture 53 Remediation's with secure score in Microsoft Defender for Cloud

Lecture 54 Microsoft Defender for Servers

Lecture 55 Microsoft Defender for DevOps

Lecture 56 Microsoft Defender External Attack Surface Management (EASM)

Section 10: Microsoft Defender for Cloud full management and configurations

Lecture 57 Settings config in Microsoft Defender for Cloud

Lecture 58 Roles in Microsoft Defender for Cloud

Lecture 59 Cloud workload protection

Lecture 60 Automation of onboarding Azure resource

Lecture 61 Azure Arc connections

Lecture 62 Multi-cloud connections

Lecture 63 Email notifications in Microsoft Defender for Cloud

Lecture 64 Using alert suppression rules

Lecture 65 Workflow automation configuration in Defender for Cloud

Lecture 66 Using sample alerts and incidents

Lecture 67 Using Microsoft Defender for Cloud recommendations

Lecture 68 Security alerts and incidents in Microsoft Defender for Cloud

Lecture 69 Using threat intelligence reports with Microsoft Defender for Cloud

Section 11: Dealing with insider risks in Microsoft 365

Lecture 70 Concepts of insider risk policies

Lecture 71 Insider risk policy generation

Lecture 72 Insider risk policy alert investigation

Section 12: Audit and search capabilities in Microsoft Defender and Microsoft Purview

Lecture 73 Licensing of unified audit logging

Lecture 74 Permissions for unified auditing

Lecture 75 Threat hunting with unified audit logging

Lecture 76 Threat hunting with Content Searches

Section 13: Conclusion

Lecture 77 Cleaning up your lab environment

Lecture 78 Getting a Udemy certificate

Lecture 79 BONUS Where do I go from here?

IT people interested in learning a tremendous amount about Microsoft Defender XDR (formerly Microsoft 365 Defender)