SC-200: Mitigate threats using Microsoft Defender for Endpoint

Intermediate
Security Operations Analyst
Windows

Implement the Microsoft Defender for Endpoint platform to detect, investigate, and respond to advanced threats. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

Prerequisites

  • Basic understanding of Microsoft 365
  • Intermediate understanding of Windows 10 devices
  • Understanding of Microsoft Defender, such as you could gain from the learning path SC-200: Mitigate threats using Microsoft Defender

Modules in this learning path

Learn how Microsoft Defender for Endpoint can help your organization stay secure.

Learn how to deploy the Microsoft Defender for Endpoint environment, including onboarding devices and configuring security.

Microsoft Defender for Endpoint gives you various tools to eliminate risks by reducing the surface area for attacks without blocking user productivity. Learn about Attack Surface Reduction (ASR) with Microsoft Defender for Endpoint.

Microsoft Defender for Endpoint provides detailed device information, including forensics information. Learn about information available to you through Microsoft Defender for Endpoint that will aid in your investigations.

Learn how Microsoft Defender for Endpoint provides the remote capability to contain devices and collect forensics data.

Learn about the artifacts in your environment and how they relate to other artifacts and alerts, giving you insight into the overall impact on your environment.

Learn how to configure automation in Microsoft Defender for Endpoint by managing environmental settings.

Learn how to configure settings to manage alerts and notifications. You'll also learn to enable indicators as part of the detection process.

Learn about your environment's weaknesses by using Vulnerability Management in Microsoft Defender for Endpoint.