Course Description
Managing security for Microsoft environments has never been more important. In this course, you will learn about the tools and services Microsoft provides that help to keep you safe and how to design, implement, and troubleshoot the various security solutions.
The course is delivered in cooperation with our partner The Collective. The course instructor is Microsoft MVP Michael Van Horenbeeck. As with all our academy courses, the information presented is up to date and gathered from real-world implementations.
Note: If you already have an All Access Pass subscription, this course has been added to your account.
This program runs for six weeks and includes:
- Weekly live webinars (with recordings and Q&A)
- Weekly assignments to guide your progress
- A community of individuals with the same goals
- A private Facebook group with other participants for sharing reflections, etc.
- The chance to ask Michael questions directly
Course Schedule
Date and Time for Live Webinars
Dates and start time for the live two-hour webinars:
- Module 1: Thursday, Feb 17, 9:00-11:00 AM Central Time (US and Canada)
- Module 2: Thursday, Feb 24, 9:00-11:00 AM Central Time (US and Canada)
- Module 3: Thursday, Mar 3, 9:00-11:00 AM Central Time (US and Canada)
- Module 4: Thursday, Mar 10, 9:00-11:00 AM Central Time (US and Canada)
- Module 5 *Rescheduled*: Thursday, Mar 24, 9:00-11:00 AM Central Time (US and Canada)
- Module 6 *Rescheduled*: Thursday, Mar 31, 9:00-11:00 AM Central Time (US and Canada)
Course Outline
Module 1: Introduction to Microsoft 365 Security and Microsoft Defender for Office 365
- Modern Challenges and Why Security Matters
- Microsoft 365 Security Product Overview
- Licensing Microsoft 365 Security Solutions and Features
- Microsoft Secure Score and How Can It Help
- Introduction to Microsoft Defender for Office 365
- Configuration and Threat Policies
- Investigating Malicious Email
- Removing Email Messages with Threat Explorer
Module 2: Securing Identities: Authentication, Defender for Identity, and Identity Protection
- Introduction to Authentication Methods and Protocols Used in Azure AD
- Protecting Identities with Conditional Access and MFA
- Identifying Risky Users with Azure AD Identity Protection
- Implementing Risky Sign-in Protection in Azure AD
- Managing Applications in Azure AD
- Protecting On-premises Identities with Defender for Identity
- Defender for Identity Deployment and Configuration
Module 3: Endpoint Management and Security
- Securing Endpoint Devices with Microsoft Endpoint Management (MEM)
- Comparing Intune, Group Policies, and Endpoint Configuration Manager
- Why Enrollment Restrictions Matter
- Introduction to Security Baselines within Intune
- Setting Up and Monitoring Security Policies (including Compliance Policies)
- Keeping Windows 10 and Windows 11 Devices Up to Date
- Updating Windows, Applications, and Drivers
Module 4: Defender for Endpoint
- Demystifying Antivirus and EDR Solutions
- Deep Dive into EDR Capabilities and Architecture
- Taking Actions on Devices, Such as Device Isolation and App Restriction
- Using Threat and Vulnerability Management to Identify Potential Risks
- Configuring Microsoft Defender Antivirus, Attack Surface Reduction, and More
- Introduction to Mobile Device Security and Threat Protection
Module 5: Defender for Cloud Apps and Microsoft Information Protection
- What Is a Cloud Access Security Broker (CASB) and Why You Need It
- Gaining Insights into Cloud Usage with Microsoft Defender for Cloud Apps (MDCA)
- Identifying and deploying different Defender for Cloud App Policies
- Protecting (Sensitive) Information
- Real-world Examples of MDCA Use Cases
Module 6: Operationalizing Microsoft 365 Security
- Introduction to the Incident Overview
- Responding to Security Incidents
- Hunting for Threats
- Introduction to Microsoft Sentinel
- Automating Responses via Microsoft Sentinel
Instructor(s)
Michael Van Horenbeeck
CEO