Tällä kurssilla tutustutaan, miten Microsoft 365 Defender, Azure Defender ja Azure Sentinel työkaluja käytetään, miten kyberuhkia mitigoidaan ja miten niihin vastataan. Myös KQL eli kusto query language tulee tutuksi tällä kurssilla.
Lähtötasovaatimuksena perustason ymmärrys pilvestä, tietoturvasta ja aikaisempi kokemus tietoturvatutkinnasta on vaan plussaa.
Kesto: 4 päivää
Ajankohta: Toivo ajankohtaa
Hinta: 3800 €
Koulutuksen tarkemmat tiedot
Yleiskuvaus
Skills gained
- Explain how Microsoft Defender for Endpoint can remediate risks in your environment
- Create a Microsoft Defender for Endpoint environment
- Configure Attack Surface Reduction rules on Windows 10 devices
Prerequisites
- Basic understanding of Microsoft 365
- Fundamental understanding of Microsoft security, compliance, and identity products
- Intermediate understanding of Windows 10
- Familiarity with Azure services, specifically Azure SQL Database and Azure Storage
- Familiarity with Azure virtual machines and virtual networking
- Basic understanding of scripting concepts.
Audience profile
The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
Koulutus pidetään suomeksi. Koulutusmateriaaleina käytetään Microsoftin virallisia materiaaleja, jotka toimitetaan osallistujalle sähköisesti. Koulutuksen hintaan sisältyy opetuksen ja kurssimateriaalien lisäksi yksi yritys virallisessa sertifiointitestissä.
Kouluttajat
Markus Lintuala
Senior System Consultant
Pitkä ja laaja käytännön kokemus pilvipalveluista, Microsoft 365 ratkaisuista sekä Microsoftin loppukäyttäjä- ja infraratkaisuista.
- Microsoft Certified Azure Solutions Architect Expert
- Microsoft 365 Certified: Enterprise Administration Expert
- Microsoft Certified Trainer
- Muut sertifioinnit
Mika Vilpo
Senior System Consultant
Yli kymmenen vuoden kokemus pilvipalveluista ja identiteetinhallinnasta. Vahvaa osaamista Microsoftin tuotteista infranäkökulmasta.
- Microsoft Certified Azure Solutions Architect Expert
- MCSE Cloud Platform and Infrastructure
- Microsoft Certified Trainer
Agenda
SC-900: Microsoft security fundamentals
This course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions.
SC-300: Microsoft Identity and access administrator
This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies.
SC-400: Microsoft Information protection administrator
Learn how to protect information in your Microsoft 365 deployment. This course focuses on data governance and information protection within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies and Office 365 message encryption among other related topics.