MS-101 Implement threat protection by using Microsoft 365 Defender

Security Engineer
Solution Architect
Technology Manager
Microsoft 365
Office 365

This learning path examines how to manage the Microsoft 365 threat intelligence features that provide organizations with insight and protection against the internal and external cyber-attacks that threaten their tenants.


  • Students should have completed a role-based administrator collection such as Messaging, Teamwork, Security and Compliance, or Collaboration.
  • Students should have a proficient understanding of DNS and basic functional experience with Microsoft 365 services.
  • Students must have a proficient understanding of general IT practices.

Modules in this learning path

This module examines how Microsoft 365 Threat Intelligence provides admins with evidence-based knowledge and actionable advice that can be used to make informed decisions about protecting and responding to cyber-attacks against their tenants.

This module examines how to implement Microsoft Defender for Cloud Apps, which identifies and combats cyberthreats across all your Microsoft and third-party cloud services.

This module examines how Microsoft Defender for Endpoint helps enterprise networks prevent, detect, investigate, and respond to advanced threats by using endpoint behavioral sensors, cloud security analytics, and threat intelligence.

This module examines the Microsoft Defender for Office 365 protection stack and its corresponding threat intelligence features, including Threat Explorer, Threat Trackers, and Attack simulation training.