Defend against cyberthreats with Microsoft Defender XDR (SC-5004)
Course 8741
1 DAY COURSE

Price: $644.00
Course Outline

This hands-on course teaches Security Operations Analysts how to implement Microsoft Defender XDR to detect, investigate, and mitigate cyberthreats. Learn how to deploy Microsoft Defender for Endpoint, configure security settings, manage incidents, automate responses, and use Advanced Hunting with Kusto Query Language (KQL) to identify and respond to threats in real time. Gain practical experience in securing endpoints, managing alerts, and improving your organization’s security posture.

Defend against cyberthreats with Microsoft Defender XDR (SC-5004) Benefits

  • In this course, you will:

    • Gain expertise in Microsoft Defender XDR for threat detection and response.
    • Learn to deploy and manage Microsoft Defender for Endpoint environments.
    • Configure security alerts, automated investigations, and response policies.
    • Utilize Advanced Hunting with KQL to find threats that built-in detections do not surface.
    • Investigate incidents, alerts, and forensic data using Microsoft Defender tools.
    • Enhance security automation and policy enforcement across devices.
  • Prerequisites

    • Experience using the Microsoft Defender portal
    • Basic understanding of Microsoft Defender for Endpoint
    • Basic understanding of Microsoft Sentinel
    • Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Defend Against Cyberthreats Course Training Outline

Learning Objectives

Module 1: Mitigate Incidents Using Microsoft Defender

  • Navigating the Microsoft Defender portal and managing incidents.
  • Investigating alerts, sign-in logs, and security reports.
  • Utilizing Microsoft Secure Score and Threat Analytics.
  • Performing Advanced Hunting to detect threats.
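As an added example of the Advanced Hunting skill practised in this module (this query is not part of the course materials or of Microsoft's documentation), the following KQL returns PowerShell processes that were launched by an Office application with an encoded command line, a common initial-access pattern. The table and column names (DeviceProcessEvents, ProcessCommandLine, InitiatingProcessFileName, ReportId, DeviceId) are the schema the Defender portal exposes; the list of Office executables, the 7-day window and the regular expression are assumptions to tune for your environment.

```kql
// Added example, not course code: hunt for Office -> PowerShell with an encoded command line.
// Assumed parent-process list; extend it with other document handlers used in your estate.
let officeApps = dynamic(["winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"]);
DeviceProcessEvents
| where Timestamp > ago(7d)
| where FileName in~ ("powershell.exe", "pwsh.exe")
| where InitiatingProcessFileName in~ (officeApps)
// PowerShell accepts any unambiguous prefix of -EncodedCommand (-e, -ec, -enc, ...),
// so match "-e" followed by letters and then a base64-looking argument of 20+ characters.
| where ProcessCommandLine matches regex @"(?i)\s-e[a-z]*\s+[A-Za-z0-9+/=]{20,}"
| extend EncodedBlob = extract(@"(?i)\s-e[a-z]*\s+([A-Za-z0-9+/=]{20,})", 1, ProcessCommandLine)
// Timestamp, ReportId and DeviceId are kept so the query can be saved as a custom detection rule.
| project Timestamp, DeviceName, AccountName, InitiatingProcessFileName,
          FileName, ProcessCommandLine, EncodedBlob, ReportId, DeviceId
| order by Timestamp desc
```

Run it from the Advanced hunting page of the Defender portal; once the false-positive rate is acceptable, the same query can be turned into a custom detection rule that raises an alert and, if desired, isolates the device automatically.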

Module 2: Deploy the Microsoft Defender for Endpoint Environment

  • Setting up Microsoft Defender for Endpoint.
  • Onboarding and managing devices across operating systems.
  • Configuring role-based access control (RBAC) and device groups.
  • Enabling advanced security features for endpoint protection.

Module 3: Configure Alerts and Detections in Microsoft Defender for Endpoint

  • Managing alert notifications and suppression settings.
  • Configuring threat indicators and detection rules.
  • Customizing security policies for threat mitigation.

Module 4: Configure and Manage Automation Using Microsoft Defender for Endpoint

  • Automating incident response and remediation.
  • Managing automation upload settings and automation folder exclusions.
  • Blocking at-risk devices to prevent breaches.

Module 5: Perform Device Investigations in Microsoft Defender for Endpoint

  • Using device inventory to track and investigate endpoint activity.
  • Leveraging behavioral blocking and device discovery tools.
  • Conducting forensic analysis on compromised devices.

Module 6: Hands-On Lab – Defend Against Cyberthreats with Microsoft Defender XDR

  • Configuring the Microsoft Defender XDR environment.
  • Deploying and integrating Microsoft Defender for Endpoint.
  • Mitigating attacks and responding to real-world cybersecurity threats.

For course questions or any customer service inquiry, please contact your Customer Service team at BAHCustomerService@LearningTree.com.

We are excited that Learning Tree now offers a deferred direct bill payment option for Booz Allen employees. The deferred direct bill payment option enables employees to enroll in learning opportunities with no upfront costs. This payment option will require the employee to sign a Family Educational Rights and Privacy Act (FERPA) agreement with Learning Tree to release grades/completion to Booz Allen to satisfy the FlexEd Program completion requirement. Note, Learning Tree may also be used for the FlexEd Program reimbursement payment option.
