Microsoft Defender Course with hands on training and sims
What you'll learn
- Learn the concepts and perform hands on activities needed to master Microsoft Defender XDR (formerly Microsoft 365 Defender)
- Gain a tremendous amount of knowledge involving Microsoft Defender XDR (formerly Microsoft 365 Defender)
- Learn through hands-on simulations how Microsoft Defender XDR (formerly Microsoft 365 Defender) is administered!
- Learn how to set up your own test lab for practicing the concepts!
Requirements
- Willingness to put in the time and practice the steps shown in the course
Description
We really hope you'll agree, this training is way more than the average course on Udemy!
Have access to the following:
- Training from an instructor with over 20 years of experience who has trained thousands of people and is also a Microsoft Certified Trainer
- Lectures that explain the concepts in an easy-to-learn way for someone who is just starting out with this material
- Instructor-led hands-on activities and simulations to practice, which can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:
Introduction
Welcome to the course
Understanding the Microsoft Environment
Foundations of Active Directory Domains
Foundations of RAS, DMZ, and Virtualization
Foundations of the Microsoft Cloud Services
DON'T SKIP: The first thing to know about Microsoft cloud services
DON'T SKIP: Azure AD is now renamed to Entra ID
Questions for John Christopher
Performing hands on activities
DON'T SKIP: Using Assignments in the course
Creating a free Microsoft 365 Account
Activating licenses for Defender for Endpoint and Vulnerabilities
Getting your free Azure credit
Basic concepts of the Microsoft Defender Suite and Services
The Microsoft 365 Defender Suite
Using the Defender and Purview admin centers
Microsoft Defender for Office 365
What is Microsoft Defender for Office 365?
Implementing policies for uses in Email, SharePoint, OneDrive, and Teams
Dealing with threats using Defender for Office 365
Performing a campaign email attack simulation in Microsoft Defender
Microsoft Defender for Cloud Apps and Data Loss Prevention (DLP)
Understanding the concepts of Microsoft Defender for Cloud Apps
Investigating security risks in Defender for Cloud Apps
Concepts of data loss prevention in Microsoft Defender
Alerts with data loss prevention policies (DLP)
Data loss prevention (DLP) policy alert investigation
Microsoft Defender for Endpoint and Defender Vulnerability Management
Understanding Microsoft Defender for Endpoint concepts
Deploy a Windows 11 VM endpoint
Attack surface reduction (ASR) support with Intune
Working with device onboarding regarding Defender for Endpoint
Something to be aware of about extra features
Endpoint advanced features, alerts and incidents
Endpoint vulnerabilities
Device attack surface reduction (ASR)
Device groups with Defender for Endpoint
Microsoft Defender Vulnerability Management risk identification
Endpoint threat indicators
Device discovery of unmanaged devices
Microsoft Defender for Identity
Microsoft Entra ID security risk mitigation
Concepts of using Microsoft Entra Identity Protection
Microsoft Entra Identity Protection security risk mitigation
Microsoft Entra Identity Protection risks in regards to Microsoft Defender
Microsoft Defender for Identity concepts
Using Defender for Identity to mitigate threats with AD DS
Microsoft 365 Defender as an Extended Detection and Response (XDR)
Visualizing the concepts of extended detection and responses (XDR)
Configuring the Microsoft 365 Defender simulation lab
Performing an attack using the simulation lab
Microsoft 365 Defender incidents and automated investigations
Microsoft 365 Defender action and submissions
Using Kusto Query Language (KQL) for threat identification
Microsoft Secure Score
Microsoft 365 Defender threat analytics
Custom detections and alerts
Getting started w/ Defender for Cloud, Defender for Servers & Defender for DevOps
Introduction to Microsoft Defender for Cloud
Regulatory compliance policies along with MCSB
Remediations with secure score in Microsoft Defender for Cloud
Microsoft Defender for Servers
Microsoft Defender for DevOps
Microsoft Defender External Attack Surface Management (EASM)
Microsoft Defender for Cloud full management and configurations
Settings config in Microsoft Defender for Cloud
Roles in Microsoft Defender for Cloud
Cloud workload protection
Automation of onboarding Azure resource
Azure Arc connections
Multi-cloud connections
Email notifications in Microsoft Defender for Cloud
Using alert suppression rules
Workflow automation configuration in Defender for Cloud
Using sample alerts and incidents
Using Microsoft Defender for Cloud recommendations
Security alerts and incidents in Microsoft Defender for Cloud
Using threat intelligence reports with Microsoft Defender for Cloud
Dealing with insider risks in Microsoft 365
Concepts of insider risk policies
Insider risk policy generation
Insider risk policy alert investigation
Audit and search capabilities in Microsoft Defender and Microsoft Purview
Licensing of unified audit logging
Permissions for unified auditing
Threat hunting with unified audit logging
Threat hunting with Content Searches
Conclusion
Cleaning up your lab environment
Getting a Udemy certificate
BONUS Where do I go from here?
Who this course is for:
- IT people interested in learning a tremendous amount about Microsoft Defender XDR (formerly Microsoft 365 Defender)
Instructor
John Christopher is a Technical Instructor who has been in the business for 25 years. His first experience with information technology occurred in the early 90s, when he ran an MS-DOS based BBS (Bulletin Board System) as a System Operator. In the late 90s, after working with Windows NT 3.50 performing backups for Regal Group, he decided to get Windows NT Microsoft Certified.
In 1998 he got his first Microsoft Certified Systems Engineer and Microsoft Certified Trainer certifications. Shortly after getting certified, he began working as a Junior Administrator and Instructor for Knowledge Alliance. From there John was able to become one of the first people in the world to gain an MCSE for the Windows 2000 operating system, and he began teaching full time for a company called Productivity Point International. At Productivity Point, John got Citrix MetaFrame certified and began teaching Citrix along with Microsoft classes. Productivity Point began experiencing financial troubles, and John moved on to work with another training company in 2001.
For many years at the training company in Atlanta, John was the network administrator and held the title of Senior Technical Instructor for the company. John designed and administered their network from the ground up, going from a single floor in a single building to multiple floors in multiple buildings and locations. He furthered his certifications, gaining the MCSE for 2003, 2008 (MCITP), 2012, A+, Network+, Security+, Exchange, and CCNA. Along with his network admin duties, John taught hundreds of students during his 11 years with the company. During all his years of training, John has had the honor of teaching many classes for the military, including quite a few on-site at military bases. In 2012, he decided to break away from the company he had been working for and do consulting and contract teaching. Currently, John is hired by many different training companies to teach technical training classes all over the United States. He is also hired as a consultant to go into companies, work on their networks, and implement and troubleshoot real-world scenarios.