Course Description

Managing security for Microsoft environments has never been more important. In this LIVE Online Training, you will learn about the tools and services Microsoft provides that help keep you safe and how to design, implement, and troubleshoot the various security solutions. 

The LIVE Online Training is delivered in cooperation with our partner, The Collective. The course instructor is Microsoft MVP Michael Van Horenbeeck. As with all our academy courses, the information presented is up-to-date and gathered from real-world implementations.

Note: If you already have an All Access Pass subscription, this course has been added to your account.

This program runs for three weeks (6 sessions) and includes:  

  • Weekly live webinars (with recordings and Q&A)
  • Weekly assignments to guide your progress
  • A community of individuals with the same goals
  • A private facebook group with other participants for sharing reflections, progress, etc. 
  • The chance to ask Michael Van Horenbeeck questions directly in a live training environment


This LIVE Online Training is for YOU if you want to:

  • Gain a better understanding of Microsoft 365 Security and Microsoft Defender
  • Implement Microsoft Entra ID Identity Protection
  • Secure endpoint devices and establish security baselines
  • Identify potential risks and effectively use threat and vulnerability management
  • Gain insight into cloud access security broker (CASBs), Microsoft Defender for Cloud Apps (MDCA), and Microsoft Sentinel

Course Schedule

Date and Time for Live Webinars

Dates and start time for the live two-hour webinars:

  • Module 1: Tuesday, February 4, 9:00-11:00 AM Central Time (US and Canada)
  • Module 2: Thursday, February 6, 9:00-11:00 AM Central Time (US and Canada)
  • Module 3: Tuesday, February 18, 9:00-11:00 AM Central Time (US and Canada)
  • Module 4: Thursday, February 20, 9:00-11:00 AM Central Time (US and Canada)
  • Module 5: TBA
  • Module 6: TBA

Course Outline

Module 1: Introduction to Microsoft 365 Security and Microsoft Defender for Office 365

  • Challenges as a Blue Teamer and How/Why to Stay Ahead
  • Microsoft 365 Security at a Glance: Overview of the Product and Feature Landscape
  • (Basic) Tenant Security: What to Consider and Why
  • Microsoft Secure Score and Security Exposure Management
  • Introduction to Microsoft Defender for Office 365
  • Configuration and Threat Policies
  • Investigating Malicious Email
  • Removing Email Messages with Threat Explorer


Module 2: Securing Identities: Authentication, Defender for Identity, and Identity Protection

  • Introduction to (Hybrid) Identities
  • Introduction to Authentication Methods and Protocols Used in Entra ID
  • Protecting Identities with Conditional Access and MFA
  • Identifying Risky Users with Entra ID Identity Protection
  • Implementing Risky Sign-in Protection in Entra ID
  • Managing Applications in Entra ID
  • The Need for and Role of Better Identity Governance
  • Microsoft Identity Governance Capabilities
  • Protecting On-premises Identities with Defender for Identity
  • Defender for Identity Deployment and Configuration


Module 3: Endpoint Management and Security

  • Securing Endpoint Devices with Microsoft Intune
  • Comparing Intune, Group Policies, and  Configuration Manager
  • Why Enrollment Restrictions Matter
  • Introduction to Security Baselines within Intune
  • Setting Up and Monitoring Security Policies (including Compliance Policies)
  • Keeping Windows Devices Up to Date 
  • Updating Windows, Applications, and Drivers


Module 4: Defender for Endpoint

  • Demystifying Antivirus and EDR Solutions
  • Deep Dive into EDR Capabilities and Architecture
  • Taking Actions on Devices, Such as Device Isolation and App Restriction
  • Using Threat and Vulnerability Management to Identify Potential Risks
  • Configuring Microsoft Defender Antivirus, Attack Surface Reduction, and More
  • Introduction to Mobile Device Security and Threat Protection


Module 5: Defender for Cloud Apps and Microsoft Information Protection 

  • What Is a Cloud Access Security Broker (CASB) and Why You Need It
  • Gaining Insights into Cloud Usage with Microsoft Defender for Cloud Apps (MDCA)
  • Identifying and Deploying Different Defender for Cloud Apps Policies
  • Protecting (Sensitive) Information
  • Real-world Examples of MDCA Use Cases


Module 6: Operationalizing Microsoft 365 Security

  • Introduction to the Incident Overview
  • Responding to Security Incidents
  • Hunting for Threats
  • Introduction to Microsoft Sentinel (Siem/SOAR)
  • Automating Responses via Microsoft Sentinel
  • Q&A and a Look Back over Previous Modules

Instructor

Michael Van Horenbeeck is a Microsoft Certified Solutions Master (MCSM) and Azure Threat Protection MVP from Belgium, and one of the few people worldwide to hold both the coveted certification and award at the same time. He is a dynamic tech enthusiast and focuses on Security, Identity Management, with a history in Messaging and Collaboration. In his daily job, Michael is the CEO at “The Collective” and works with customers of all sizes around the globe to help them become and stay secure with, and through, Microsoft's solutions and services. Besides his job at The Collective, Michael loves to engage with the community and inspire people. He is the driving force behind the Microsoft 365 Security for IT Pros eBook and you can regularly find him writing about technology for a variety of tech websites or catch him speaking at different events across the globe. Michael is on Twitter as @vanhybrid and you can follow his ramblings on m365securitybook.com, insight365.eu, or through his company's website www.thecollective.eu.

Michael Van Horenbeeck

CEO