Microsoft 365 Security: Threat Protection Implementation and Management
This course will teach you how to plan, implement, and manage Microsoft’s Threat Protection stack within your organization.
What you'll learn
All organizations are targets for cyber attacks. As the threat landscape evolves, your security operations need to evolve too.
In this course, Microsoft 365 Security: Threat Protection Implementation and Management, you’ll learn to implement and manage Microsoft’s Threat Protection stack:
- explore how to protect identities
- discover how to protect endpoints and Office 365
- learn how to pull all the data together into a single pane of glass for incident management and advanced hunting
Table of contents
- Introduction 0m
- Defender for Identity Prerequisites 2m
- Defender for Identity Architecture 3m
- Alert Categories 3m
- Defender for Identity Initial Setup 3m
- Enhancing the Detection Capabilities with Event Logs 2m
- Defender for Identity Portal Walkthrough 2m
- Investigating Identity Attacks 5m
- Understanding Lateral Movement Paths 2m
- Summary 1m
- Introduction 1m
- Defender for Endpoint Prerequisites 2m
- Planning Your Deployment 2m
- Deployment Phases 5m
- Defender for Endpoint Initial Setup 5m
- Additional Configurable Settings 2m
- Onboarding Endpoints 3m
- Working with Roles and Device Groups 4m
- Investigating Alerts 7m
- Investigating Incidents 5m
- Taking Response Actions on Devices 6m
- Investigate Entities Using Live Response 3m
- Taking Response Actions on Files 3m
- Defender for Endpoint Vulnerability Management 5m
- Creating Custom Detection Rules 3m
- Advanced Hunting 4m
- Set up Your Evaluation Lab 4m
- Summary 1m
- Introduction 1m
- Planning for Device and Application Protection 3m
- Defender Application Guard Overview 3m
- Exploit Protection Overview 2m
- Understanding the Requirements for Secure Boot 4m
- Overview of Application Protection Policies 2m
- Protecting Applications on Windows 10 Endpoints 4m
- Protecting Apps on iOS/iPadOS and Android 3m
- Onboarding Cloud Managed Endpoints into Defender for Endpoint 1m
- Enforcing BitLocker Disk Encryption 4m
- Encrypting macOS Endpoints 1m
- Defining an App and Browser Isolation Policy 2m
- Creating a Device Control Policy 1m
- Implementing and Managing Attack Surface Reduction Rules 7m
- Enabling Exploit Protection 2m
- Protecting Edge Legacy 2m
- Application Control Overview 3m
- Implementing Windows Defender Application Control 6m
- Summary 1m
- Introduction 2m
- Office 365 Policies 2m
- Defining an Anti-Phishing Policy 6m
- Creating a Safe Attachments Policy 6m
- Protecting Against Malicious Links with Safe Links 3m
- Working with Anti Spam Policies 3m
- Customizing an Anti-Malware Policy 2m
- Configuration Analyzer 2m
- Exploring Threats and Working with Investigations 5m
- Investigating Campaigns 5m
- Attack Simulation Training 6m
- Summary 1m
- Introduction 1m
- Understanding the Components of Sentinel 4m
- Workspace Considerations 2m
- Getting Started with Sentinel 2m
- Ingesting Data with Data Connectors 3m
- Sentinel Portal Overview 2m
- Performing Incident Response 7m
- Working with Workbooks 3m
- Using Hunting Queries, Livestream, and Bookmarks 4m
- Leveraging Sentinel Notebooks 5m
- Investigating Entity Behavior 4m
- Building Analytic Rules 2m
- Building Playbooks 3m
- Summary 1m
Course FAQ
In this course you will learn about the threat landscape, how to implement a hybrid threat solution, device and threat protection implementation, device and application protection, and implementing Defender for Office 365.
The only prerequisite for this course is a grasp of Microsoft 365 fundamentals.
Common types of cyber attacks include DoS and DDoS attacks, MITM attacks, spear phishing and whale phishing attacks, ransomware, SQL injection, and DNS spoofing.
Microsoft Defender helps your organization with endpoint protection, detection, response, vulnerability management, and mobile threat defense.
Azure Sentinel is a cloud-native security information and event management (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise.