Introduction
Attackers can use various threat vectors to access targets within an organization. They can methodically work their way from one step to another in the kill chain once a user or computer has been compromised.
This module introduces you to several features in Microsoft 365 that can help:
- protect your organization against cyberthreats.
- detect when a user or computer has been compromised.
- monitor your organization for suspicious activities.
The feature areas that will be discussed in this training fall under the Microsoft Defender XDR umbrella. They include:
- Microsoft Defender for Office 365
- Microsoft Defender for Identity
- Microsoft Defender for Endpoint
- Microsoft Defender for Cloud Apps
This module provides a high-level overview of each of these areas, all of which will be discussed in greater detail in later training. It also introduces you to Microsoft 365 Threat Intelligence.
After completing this module, you'll be able to:
- Identify the features of Microsoft Defender for Office 365 that enhance email security in a Microsoft 365 deployment.
- Explain how Microsoft Defender for Identity identifies, detects, and investigates advanced threats, compromised identities, and malicious insider actions directed at your organization.
- Explain how Microsoft Defender for Endpoint helps enterprise networks prevent, detect, investigate, and respond to advanced threats.
- Describe how Microsoft 365 Threat Intelligence can be beneficial to your organization’s security officers and administrators.
- Describe how Microsoft Cloud App Security enhances visibility and control over your Microsoft 365 tenant.
Note
Microsoft Defender for Office 365, Threat Intelligence, Advanced Security Management, and most of the Alert capabilities require a Microsoft 365 E5 subscription for your organization. If you don't have that plan and want to try these features, you can sign up for a trial of Microsoft 365 Enterprise E5.