John Christopher

Have access to the following:

  • Training from an instructor of over 20 years who has trained thousands of people and is also a Microsoft Certified Trainer

  • Lectures that explain the concepts in an easy-to-learn way for someone who is just starting out with this material

  • Instructor-led hands-on exercises and simulations for practice that can be followed even if you have little to no experience

  • Implementing policies for use in Email, SharePoint, OneDrive, and Teams

  • Dealing with threats using Defender for Office 365

  • Performing a campaign email attack simulation in Microsoft Defender

    Microsoft Defender for Cloud Apps and Data Loss Prevention (DLP)

    • Understanding the concepts of Microsoft Defender for Cloud Apps

    • Investigating security risks in Defender for Cloud Apps

    • Concepts of data loss prevention in Microsoft Defender

    • Alerts with data loss prevention policies (DLP)

    • Data loss prevention (DLP) policy alert investigation

    Microsoft Defender for Endpoint and Defender Vulnerability Management

    • Understanding Microsoft Defender for Endpoint concepts

    • Deploy a Windows 11 VM endpoint

    • Attack surface reduction (ASR) support with Intune

    • Working with device onboarding regarding Defender for Endpoint

    • Something to be aware of about extra features

    • Endpoint advanced features, alerts and incidents

    • Endpoint vulnerabilities

    • Device attack surface reduction (ASR)

    • Device groups with Defender for Endpoint

    • Microsoft Defender Vulnerability Management risk identification

    • Endpoint threat indicators

    • Device discovery of unmanaged devices

    Microsoft Defender for Identity

    • Microsoft Entra ID security risk mitigation

    • Concepts of using Microsoft Entra Identity Protection

    • Microsoft Entra Identity Protection security risk mitigation

    • Microsoft Entra Identity Protection risks in regards to Microsoft Defender

    • Microsoft Defender for Identity concepts

    • Using Defender for Identity to mitigate threats with AD DS

    Microsoft 365 Defender as an Extended Detection and Response (XDR)

    • Visualizing the concepts of extended detection and responses (XDR)

    • Configuring the Microsoft 365 Defender simulation lab

    • Performing an attack using the simulation lab

    • Microsoft 365 Defender incidents and automated investigations

    • Microsoft 365 Defender action and submissions

    • Using Kusto Query Language (KQL) for threat identification

    • Microsoft Secure Score

    • Microsoft 365 Defender threat analytics

    • Custom detections and alerts

    Getting started w/ Defender for Cloud, Defender for Servers & Defender for DevOps

    • Introduction to Microsoft Defender for Cloud

    • Regulatory compliance policies along with MCSB

    • Remediations with secure score in Microsoft Defender for Cloud

    • Microsoft Defender for Servers

    • Microsoft Defender for DevOps

    • Microsoft Defender External Attack Surface Management (EASM)

    Microsoft Defender for Cloud full management and configurations

    • Settings config in Microsoft Defender for Cloud

    • Roles in Microsoft Defender for Cloud

    • Cloud workload protection

    • Automation of onboarding Azure resource

    • Azure Arc connections

    • Multi-cloud connections

    • Email notifications in Microsoft Defender for Cloud

    • Using alert suppression rules

    • Workflow automation configuration in Defender for Cloud

    • Using sample alerts and incidents

    • Using Microsoft Defender for Cloud recommendations

    • Security alerts and incidents in Microsoft Defender for Cloud

    • Using threat intelligence reports with Microsoft Defender for Cloud

    Dealing with insider risks in Microsoft 365

    • Concepts of insider risk policies

    • Insider risk policy generation

    • Insider risk policy alert investigation

    Audit and search capabilities in Microsoft Defender and Microsoft Purview

    • Licensing of unified audit logging

    • Permissions for unified auditing

    • Threat hunting with unified audit logging

    • Threat hunting with Content Searches

    Conclusion

    • Cleaning up your lab environment

    • Getting a Udemy certificate

    • BONUS Where do I go from here?

    What's inside

    Learning objectives

    • Learn the concepts and perform the hands-on activities needed to master Microsoft Defender XDR (formerly Microsoft 365 Defender)
    • Gain a tremendous amount of knowledge involving Microsoft Defender XDR (formerly Microsoft 365 Defender)
    • Learn, using hands-on simulations, how Microsoft Defender XDR (formerly Microsoft 365 Defender) is administered!
    • Learn how to set up your own test lab for practicing the concepts!

    Syllabus

    Introduction
    Welcome to the course!
    Understanding the Microsoft 365 and Azure Environment
    Foundations of Active Directory Domains

    Career center

    Learners who complete Microsoft Defender Course with hands on training and sims will develop knowledge and skills that may be useful to these careers:
    Microsoft 365 Security Administrator
    A Microsoft 365 Security Administrator is a specialized role focused on managing and securing an organization's entire Microsoft 365 ecosystem and its associated services. This course is an almost perfect fit for a Microsoft 365 Security Administrator, as its entire curriculum is centered around the Microsoft 365 Defender suite. You will gain comprehensive, hands-on expertise in configuring and managing Defender for Office 365, Cloud Apps, Endpoint, and Identity. The training includes setting up simulation labs, investigating incidents, and implementing security policies across the Microsoft 365 environment, providing unparalleled practical skills for this highly specific and in-demand role.
    Data Loss Prevention Engineer
    A Data Loss Prevention Engineer designs, implements, and manages systems and policies to prevent sensitive data from being lost, misused, or accessed by unauthorized individuals. The Microsoft Defender Course with hands on training and sims is highly pertinent for a Data Loss Prevention Engineer, offering dedicated modules on Data Loss Prevention (DLP) concepts, policy generation, and alert investigation. You will learn how to create custom DLP policies, investigate policy alerts, and understand Microsoft Defender for Cloud Apps. The practical exercises in managing insider risk policies and using audit and search capabilities provide a comprehensive toolkit for safeguarding an organization's critical information assets.
    Security Operations Analyst
    A Security Operations Analyst is at the forefront of cyber defense, monitoring security systems, detecting anomalies, analyzing threats, and responding to incidents to protect organizational assets. This course provides comprehensive, hands-on training directly applicable to the daily responsibilities of a Security Operations Analyst. You will learn to work with Microsoft 365 Defender incidents and automated investigations, perform threat identification using Kusto Query Language, and manage alerts and custom detections. The practical simulations, including performing campaign email attack simulations, are invaluable for developing the critical skills needed for rapid and effective incident response in a security operations center utilizing Microsoft’s advanced security stack.
    Threat Hunter
    A Threat Hunter proactively searches for new, undetected, and advanced threats within an organization's networks and systems, often leveraging advanced analytical techniques. The Microsoft Defender Course with hands on training and sims is uniquely suited for aspiring Threat Hunters due to its explicit focus on proactive threat discovery. You will gain practical experience with threat hunting using unified audit logging and content searches, alongside mastering Kusto Query Language (KQL) for threat identification. The course also covers custom detections and alerts and Microsoft 365 Defender threat analytics, providing the essential tools and methodologies for discovering sophisticated threats before they can cause significant damage.
    Incident Response Specialist
    An Incident Response Specialist is crucial in reacting swiftly to security breaches, containing threats, eradicating malicious activity, and restoring affected systems to minimize organizational impact. The Microsoft Defender Course with hands on training and sims directly equips individuals for this demanding role through its focus on Microsoft 365 Defender incidents and automated investigations. You will gain practical experience in performing attack simulations, investigating security alerts, and utilizing threat analytics. The training in Kusto Query Language for threat identification and the detailed alert investigation processes are fundamental skills for any Incident Response Specialist seeking to master modern incident handling within the Microsoft ecosystem.
    Cloud Security Engineer
    A Cloud Security Engineer designs, implements, and maintains robust security measures for cloud environments, ensuring data and applications are protected from evolving threats. The Microsoft Defender Course with hands on training and sims is exceptionally relevant for this role, as it extensively covers Microsoft Defender for Cloud, including regulatory compliance, secure score remediations, multi-cloud connections, and cloud workload protection. Learners will gain practical experience with Defender for Servers and Defender for DevOps, offering deep insights into securing Azure resources and managing security configurations. This expertise is crucial for building and maintaining resilient cloud security postures.
    Vulnerability Management Engineer
    A Vulnerability Management Engineer is tasked with identifying, assessing, prioritizing, and facilitating the remediation of security vulnerabilities across an organization's systems and applications. This course is directly relevant for a Vulnerability Management Engineer, as it covers Microsoft Defender Vulnerability Management risk identification and endpoint vulnerabilities in detail. Learners will gain practical experience with attack surface reduction (ASR) support, device discovery of unmanaged devices, and understanding endpoint threat indicators. This training provides the technical knowledge needed to proactively manage an organization's risk posture by leveraging the advanced capabilities of Microsoft Defender for Endpoint and Vulnerability Management.
    Cybersecurity Analyst
    A Cybersecurity Analyst plays a vital role in protecting an organization's information systems from cyber threats, involving tasks from threat detection to vulnerability management and incident investigation. This course provides a robust foundation for a Cybersecurity Analyst by covering a wide array of Microsoft Defender products, including Defender for Office 365, Endpoint, Identity, and XDR. You will acquire practical skills in identifying and mitigating security risks, investigating alerts and incidents, and implementing proactive security policies across diverse environments. This hands-on experience with a unified security platform like Microsoft 365 Defender prepares you for comprehensive cyber defense strategies.
    Security Administrator
    A Security Administrator is responsible for implementing, configuring, and managing an organization's security systems, tools, and policies to maintain a secure operating environment. This course offers direct, practical training essential for a Security Administrator, focusing on the extensive Microsoft Defender suite. You will learn to implement policies for email, SharePoint, OneDrive, and Teams, manage device onboarding for Defender for Endpoint, and configure settings in Defender for Cloud. The hands-on simulations provide invaluable experience in administering these critical security products, ensuring that you can effectively maintain and enhance an organization's cybersecurity posture with Microsoft technologies.
    Security Operations Engineer
    A Security Operations Engineer focuses on building, maintaining, and automating the tools and infrastructure used for security operations, enhancing the efficiency and effectiveness of cyber defense. This course is a strong fit for a Security Operations Engineer. You will gain practical experience in configuring the Microsoft 365 Defender simulation lab, setting up workflow automation, managing alert suppression rules, and automating the onboarding of Azure resources. The training in using Kusto Query Language for threat identification and managing security alerts contributes directly to the engineering and optimization of security detection and response systems within the Microsoft ecosystem.
    Platform Security Engineer
    A Platform Security Engineer focuses on securing the underlying infrastructure and platforms that host applications and services, including cloud environments and development pipelines. This course is highly relevant for a Platform Security Engineer, particularly with its dedicated module on Microsoft Defender for DevOps. Learners will also engage with Defender for Cloud for server protection, multi-cloud connections, and automation of onboarding Azure resources, alongside workflow automation configurations. These capabilities are crucial for embedding security throughout the infrastructure and development lifecycle, providing hands-on skills in securing the very foundations upon which modern digital services are built.
    Identity and Access Management Specialist
    An Identity and Access Management Specialist focuses on managing digital identities and controlling access to organizational resources, ensuring that only authorized users have appropriate permissions. The Microsoft Defender Course with hands on training and sims provides highly valuable insights for an Identity and Access Management Specialist. You will learn about Microsoft Entra ID security risk mitigation, concepts of Entra Identity Protection, and mitigating threats with Active Directory Domain Services using Defender for Identity. The practical simulations, such as setting user risk levels, directly enhance your ability to implement and manage robust identity-centric security policies and protect against identity-based attacks within a Microsoft environment.
    Security Consultant
    A Security Consultant advises organizations on cybersecurity strategies, architectures, and implementation, often requiring a broad and deep understanding of various security technologies. This course is highly beneficial for a Security Consultant, as it provides profound, practical knowledge of the comprehensive Microsoft Defender suite across diverse domains—including cloud, endpoint, identity, and data. This hands-on expertise in configuring and managing a leading enterprise security platform like Microsoft Defender allows consultants to offer credible, actionable advice and design effective security solutions for clients who rely on Microsoft technologies, enhancing their value in a competitive market.
    Compliance Analyst
    A Compliance Analyst ensures that an organization adheres to legal, regulatory, and internal policies, navigating complex frameworks to maintain governance. This course may be useful for a Compliance Analyst as it introduces key concepts directly related to regulatory requirements. It covers regulatory compliance policies, insider risk policies, and Data Loss Prevention (DLP) concepts and policy generation. The training in audit and search capabilities within Microsoft Defender and Purview also provides practical insights into logging and monitoring for compliance. This knowledge helps a Compliance Analyst understand the technical controls and tools available within the Microsoft ecosystem to meet various compliance obligations and investigate policy alerts.
    Security Architect
    A Security Architect designs and builds robust security systems and frameworks, ensuring they align with organizational goals and risk tolerance. This role typically requires an advanced degree. For a Security Architect, this course may be particularly helpful to gain a detailed understanding of the operational aspects and technical functionalities of critical Microsoft security products. It covers the comprehensive Microsoft Defender suite, including Defender for Cloud, Endpoint, Identity, and XDR, providing insights into their capabilities, configurations, and integration points. This knowledge is foundational for designing effective security postures and making informed architectural decisions for organizations heavily invested in Microsoft technologies, allowing you to design solutions that leverage the full potential of these tools effectively.
