
This course is run in conjunction with Nexus Human. Trading MicroWarehouse CSP partners enjoy further discounts on selected Nexus Human courses.

This is an intensive 4-day online course running from October 21st – 24th inclusive. MicroWarehouse trading partners can avail of our heavily discounted rate of €500 per candidate. Please ensure you have cleared your calendar before registering, as places are limited and no refunds will be offered for cancellations made within 7 days of course commencement.

 

Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.

Prerequisites

  • Basic understanding of Microsoft 365
  • Fundamental understanding of Microsoft security, compliance, and identity products
  • Intermediate understanding of Windows 10
  • Familiarity with Azure services, specifically Azure SQL Database and Azure Storage
  • Familiarity with Azure virtual machines and virtual networking
  • Basic understanding of scripting concepts

Course Contents

1 – Introduction to Microsoft 365 threat protection

  • Explore Extended Detection & Response (XDR) response use cases
  • Understand Microsoft Defender XDR in a Security Operations Center (SOC)
  • Explore Microsoft Security Graph
  • Investigate security incidents in Microsoft Defender XDR

2 – Mitigate incidents using Microsoft 365 Defender

  • Use the Microsoft Defender portal
  • Manage incidents
  • Investigate incidents
  • Manage and investigate alerts
  • Manage automated investigations
  • Use the action center
  • Explore advanced hunting
  • Investigate Microsoft Entra sign-in logs
  • Understand Microsoft Secure Score
  • Analyze threat analytics
  • Analyze reports
  • Configure the Microsoft Defender portal

3 – Protect your identities with Microsoft Entra ID Protection

  • Microsoft Entra ID Protection overview
  • Detect risks with Microsoft Entra ID Protection policies
  • Investigate and remediate risks detected by Microsoft Entra ID Protection

4 – Remediate risks with Microsoft Defender for Office 365

  • Automate, investigate, and remediate
  • Configure, protect, and detect
  • Simulate attacks

5 – Safeguard your environment with Microsoft Defender for Identity

  • Configure Microsoft Defender for Identity sensors
  • Review compromised accounts or data
  • Integrate with other Microsoft tools

6 – Secure your cloud apps and services with Microsoft Defender for Cloud Apps

  • Understand the Defender for Cloud Apps Framework
  • Explore your cloud apps with Cloud Discovery
  • Protect your data and apps with Conditional Access App Control
  • Walk through discovery and access control with Microsoft Defender for Cloud Apps
  • Classify and protect sensitive information
  • Detect threats

7 – Respond to data loss prevention alerts using Microsoft 365

  • Describe data loss prevention alerts
  • Investigate data loss prevention alerts in Microsoft Purview
  • Investigate data loss prevention alerts in Microsoft Defender for Cloud Apps

8 – Manage insider risk in Microsoft Purview

  • Insider risk management overview
  • Create and manage insider risk policies
  • Investigate insider risk alerts
  • Take action on insider risk alerts through cases
  • Manage insider risk management forensic evidence
  • Create insider risk management notice templates

9 – Investigate threats by using audit features in Microsoft Defender XDR and Microsoft Purview Standard

  • Explore Microsoft Purview Audit solutions
  • Implement Microsoft Purview Audit (Standard)
  • Start recording activity in the Unified Audit Log
  • Search the Unified Audit Log (UAL)
  • Export, configure, and view audit log records
  • Use audit log searching to investigate common support issues

10 – Investigate threats using audit in Microsoft Defender XDR and Microsoft Purview (Premium)

  • Explore Microsoft Purview Audit (Premium)
  • Implement Microsoft Purview Audit (Premium)
  • Manage audit log retention policies
  • Investigate compromised email accounts using Purview Audit (Premium)



Agenda