Module 1: Mitigate threats using Microsoft 365 Defender

• Introduction to threat protection with Microsoft 365
• Mitigate incidents using Microsoft 365 Defender
• Remediate risks with Microsoft Defender for Office 365
• Microsoft Defender for Identity
• Protect your identities with Azure AD Identity Protection
• Microsoft Defender for Cloud Apps
• Respond to data loss prevention alerts using Microsoft 365
• Manage insider risk in Microsoft 365
• Lab: Mitigate threats using Microsoft 365 Defender
• Explore Microsoft 365 Defender

Module 2: Mitigate threats using Microsoft Defender for Endpoint

• Protect against threats with Microsoft Defender for Endpoint
• Deploy the Microsoft Defender for Endpoint environment
• Implement Windows security enhancements
• Perform device investigations
• Perform actions on a device
• Perform evidence and entities investigations
• Configure and manage automation
• Configure for alerts and detections
• Utilize Threat and Vulnerability Management
• Deploy Microsoft Defender for Endpoint
• Mitigate Attacks using Defender for Endpoint
• Lab: Mitigate threats using Microsoft 365 Defender for Endpoint

Module 3: Mitigate threats using Microsoft Defender for Cloud

• Plan for cloud workload protections using Microsoft Defender for Cloud
• Workload protections in Microsoft Defender for Cloud
• Connect Azure assets to Microsoft Defender for Cloud
• Connect non-Azure resources to Microsoft Defender for Cloud
• Remediate security alerts using Microsoft Defender for Cloud
• Deploy Microsoft Defender for Cloud
• Mitigate Attacks with Microsoft Defender for Cloud
• Lab: Mitigate threats using Microsoft Defender for Cloud

Module 4: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

• Construct KQL statements for Microsoft Sentinel
• Analyze query results using KQL
• Build multi-table statements using KQL
• Work with string data using KQL statements
• Lab: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
• Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

Module 5: Configure your Microsoft Sentinel environment

• Introduction to Microsoft Sentinel
• Create and manage Microsoft Sentinel workspaces
• Query logs in Microsoft Sentinel
• Use watchlists in Microsoft Sentinel
• Utilize threat intelligence in Microsoft Sentinel
• Lab: Configure your Microsoft Sentinel environment
• Configure your Microsoft Sentinel environment

Module 6: Connect logs to Microsoft Sentinel

• Connect data to Microsoft Sentinel using data connectors
• Connect Microsoft services to Microsoft Sentinel
• Connect Microsoft 365 Defender to Microsoft Sentinel
• Connect Windows hosts to Microsoft Sentinel
• Connect Common Event Format logs to Microsoft Sentinel
• Connect syslog data sources to Microsoft Sentinel
• Connect threat indicators to Microsoft Sentinel
• Connect data to Microsoft Sentinel using data connectors
• Connect Windows devices to Microsoft Sentinel using data connectors
• Connect Linux hosts to Microsoft Sentinel using data connectors
• Connect Threat intelligence to Microsoft Sentinel using data connectors
• Lab: Connect logs to Microsoft Sentinel

Module 7: Create detections and perform investigations using Microsoft Sentinel

• Threat detection with Microsoft Sentinel analytics
• Security incident management in Microsoft Sentinel
• Threat response with Microsoft Sentinel playbooks
• User and entity behavior analytics in Microsoft Sentinel
• Query, visualize, and monitor data in Microsoft Sentinel
• Activate a Microsoft Security rule
• Create a Playbook
• Create a Scheduled Query
• Understand Detection Modeling
• Conduct attacks
• Create detections
• Investigate incidents
• Create workbooks
• Lab: Create detections and perform investigations using Microsoft Sentinel

Module 8: Perform threat hunting in Microsoft Sentinel

• Threat hunting concepts in Microsoft Sentinel
• Threat hunting with Microsoft Sentinel
• Hunt for threats using notebooks in Microsoft Sentinel
• Perform threat hunting in Microsoft Sentinel
• Threat hunting using notebooks with Microsoft Sentinel
• Lab: Threat hunting in Microsoft Sentinel