Planning for a Secure Enterprise – Improving Detection

Session Detail: Classroom, 1 Day

This 1-day instructor-led security workshop provides discussion and practical hands-on training for improving cybersecurity threat detection in your enterprise. In this workshop, you will learn about the modern cyber threat landscape and the corresponding detection and prevention methods, as well as a number of customer-managed and Microsoft-managed solutions that provide threat detection capabilities for on-premises workloads. You will also learn about the most prominent Microsoft-managed services that provide threat detection capabilities for hybrid and cloud-based workloads. Finally, you will step through a number of scenarios that illustrate how these solutions respond to actual cyberattacks, with a description of a Microsoft-recommended comprehensive approach to implementing cybersecurity in hybrid environments.

Prerequisites

This workshop is part of a larger series of Workshops offered by Microsoft on the practice of Security. While it is not required that you have completed any of the other courses in the Security Workshop series before taking this workshop, it is highly recommended that you start with the first course in the series, Microsoft Security Workshop: Enterprise Security Fundamentals.
This workshop requires that you meet the following prerequisites:
In addition to their professional experience, students who take this training should already have the following technical knowledge:

  • Experience with Windows Client and Server administration, maintenance, and troubleshooting.
  • Basic experience and understanding of Windows networking technologies, including Windows Firewall network settings, DNS, DHCP, WiFi, and cloud services concepts.
  • Basic experience and understanding of Active Directory, including functions of a domain controller, sign-on services, and an understanding of group policy.
  • Knowledge of and relevant experience in systems administration, using Windows Server 2012 R2 and 2016.

Learners who take this training can meet the prerequisites by obtaining equivalent knowledge and skills through practical experience as a Security Administrator, System Administrator, or Network Administrator.

Who Can Benefit

This course is intended for IT Professionals who require a deeper understanding of Windows Security and who want to increase their knowledge level through a predominately hands-on experience with Microsoft threat detection tools for hybrid and cloud-based workloads.

Session Outline

Class Outline

Module 1: An Overview of the Modern Cyber Threat and Cyber Security Landscape

 

  • Lesson 1: An overview of the modern cyber threat landscape
  • Lesson 2: Detection and prevention in the modern cyber threat landscape

After completing this module, you will be able to:

  • Describe the modern cyber threat landscape
  • Describe the approach to detection of and protection against modern cyber threats

 

Module 2: Detecting Threats in On-Premises Environments

  • Lesson 1: Windows Event Forwarding (WEF) and Intrusion Detection
  • Lesson 2: Windows Defender Advanced Threat Protection (ATP)
  • Lesson 3: Microsoft Advanced Threat Analytics (ATA)
  • Lesson 4: Microsoft Enterprise Threat Detection (ETD)
  • Lesson 5: Integrating programming and scripting technologies with threat detection
  • Lesson 6: Logging, Auditing, and Monitoring with Windows-based tools

After completing this module, you will be able to:

  • Configure event forwarding to provide intrusion detection
  • Plan for and deploy Windows Defender Advanced Threat Protection (ATP)
  • Plan for and deploy Advanced Threat Analytics (ATA)
  • Plan for and deploy Microsoft Enterprise Threat Detection (ETD)
  • Explain the benefits of Microsoft Security Risk Detection and Antimalware Scan Interface (AMSI)
  • Describe core logging, auditing, and monitoring capabilities provided by Windows-based tools

Module 3: Detecting Threats in Hybrid and Cloud Environments

  • Lesson 1: Microsoft Office 365 and SaaS Related Offerings
  • Lesson 2: Azure Advanced Threat Detection
  • Lesson 3: Microsoft Enterprise Mobility and Security Offerings
  • Lesson 4: Azure Logging and Auditing

After completing this module, students will be able to:

  • Describe Microsoft Office 365 and Software-as-a-Service (SaaS)-related offerings that deliver threat detection functionality
  • Identify services that comprise Azure Advanced Threat Detection and describe their functionality
  • Explain the benefits of Microsoft Enterprise Mobility and Security offerings
  • Provide a listing of logging and alerting capabilities in Azure and their integration with on-premises SIEM systems.

Module 4: Analyzing Threat Detection Solutions in Action

  • Lesson 1: Layered Machine Learning defenses in Windows Defender Antivirus
  • Lesson 2: Detecting persistent threats by using Windows Defender ATP
  • Lesson 3: Enterprise Threat Detection behavioral monitoring
  • Lesson 4: Microsoft comprehensive approach to cyber threat detection

After completing this module, you will be able to:

  • Provide examples of layered Machine Learning defenses in Windows Defender Antivirus
  • Describe how Windows Defender ATP detects persistent threats
  • Explain how Enterprise Threat Detection behavioral monitoring detects reflective DLL loading
  • Describe the principles of the Microsoft comprehensive approach to cyber threat detection.

Planning for a Secure Enterprise – Improving Detection: Classroom, 1 Day, $295.00
