Learning path 1 - Mitigate threats using Microsoft Defender XDR
- Introduction to Microsoft Defender XDR threat protection
- Mitigate incidents using Microsoft Defender
- Remediate risks with Microsoft Defender for Office 365
- Manage Microsoft Entra Identity Protection
- Safeguard your environment with Microsoft Defender for Identity
- Secure your cloud apps and services with Microsoft Defender for Cloud Apps
Lab - Explore Microsoft Defender XDR
Learning path 2 - Mitigate threats using Microsoft Security Copilot
- Fundamentals of Generative AI
- Describe Microsoft Security Copilot
- Describe the core features of Microsoft Security Copilot
- Describe the embedded experiences of Microsoft Security Copilot
Lab - Explore use cases of Microsoft Security Copilot
Learning path 3 - Mitigate threats using Microsoft Purview
- Respond to data loss prevention alerts using Microsoft 365
- Manage insider risk in Microsoft Purview
- Search and investigate with Microsoft Purview Audit
- Investigate threats with Content search in Microsoft Purview
Lab - Explore Microsoft Purview Audit logs
Learning path 4 - Mitigate threats using Microsoft Defender for Endpoint
- Protect against threats with Microsoft Defender for Endpoint
- Deploy the Microsoft Defender for Endpoint environment
- Implement Windows security enhancements with Microsoft Defender for Endpoint
- Perform device investigations in Microsoft Defender for Endpoint
- Perform actions on a device using Microsoft Defender for Endpoint
- Perform evidence and entities investigations using Microsoft Defender for Endpoint
- Configure and manage automation using Microsoft Defender for Endpoint
- Configure for alerts and detections in Microsoft Defender for Endpoint
- Utilize Vulnerability Management in Microsoft Defender for Endpoint
Lab - Deploy Microsoft Defender for Endpoint
Lab - Mitigate Attacks with Microsoft Defender for Endpoint
Learning path 5 - Mitigate threats using Microsoft Defender for Cloud
- Plan for cloud workload protections using Microsoft Defender for Cloud
- Connect Azure assets to Microsoft Defender for Cloud
- Connect non-Azure resources to Microsoft Defender for Cloud
- Manage your cloud security posture management
- Explain cloud workload protections in Microsoft Defender for Cloud
- Remediate security alerts using Microsoft Defender for Cloud
Lab - Enable Microsoft Defender for Cloud
Lab - Mitigate threats using Microsoft Defender for Cloud
Learning path 6 - Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
- Construct KQL statements for Microsoft Sentinel
- Analyze query results using KQL
- Build multi-table statements using KQL
- Work with data in Microsoft Sentinel using Kusto Query Language
Lab - Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
Learning path 7 - Configure your Microsoft Sentinel environment
- Introduction to Microsoft Sentinel
- Create and manage Microsoft Sentinel workspaces
- Query logs in Microsoft Sentinel
- Use watchlists in Microsoft Sentinel
- Utilize threat intelligence in Microsoft Sentinel
- Integrate Microsoft Defender XDR with Microsoft Sentinel
Lab - Configure your Microsoft Sentinel environment
Learning path 8 - Connect logs to Microsoft Sentinel
- Connect data to Microsoft Sentinel using data connectors
- Connect Microsoft services to Microsoft Sentinel
- Connect Microsoft Defender XDR to Microsoft Sentinel
- Connect Windows hosts to Microsoft Sentinel
- Connect Common Event Format logs to Microsoft Sentinel
- Connect syslog data sources to Microsoft Sentinel
- Connect threat indicators to Microsoft Sentinel
Lab - Connect data to Microsoft Sentinel using data connectors
Lab - Connect Windows devices to Microsoft Sentinel using data connectors
Lab - Connect Linux hosts to Microsoft Sentinel using data connectors
Learning path 9 - Create detections and perform investigations using Microsoft Sentinel
- Threat detection with Microsoft Sentinel analytics
- Automation in Microsoft Sentinel
- Threat response with Microsoft Sentinel playbooks
- Security incident management in Microsoft Sentinel
- Identify threats with Behavioural Analytics
- Data normalization in Microsoft Sentinel
- Query, visualize, and monitor data in Microsoft Sentinel
- Manage content in Microsoft Sentinel
Lab - Modify a Microsoft Security rule
Lab - Create a Playbook
Lab - Create a Scheduled Query from a template
Lab - Explore Entity Behavior Analytics
Lab - Prepare to perform simulated attacks
Lab - Conduct attacks
Lab - Create Detections
Lab - Investigate Incidents
Lab - Create ASIM parsers
Lab - Create workbooks
Lab - Use Repositories in Microsoft Sentinel
Learning path 10 - Perform threat hunting in Microsoft Sentinel
- Explain threat hunting concepts in Microsoft Sentinel
- Threat hunting with Microsoft Sentinel
- Use Search jobs in Microsoft Sentinel
- Hunt for threats using notebooks in Microsoft Sentinel
Lab - Perform Threat Hunting in Microsoft Sentinel
Lab - Threat Hunting using Notebooks with Microsoft Sentinel