MDEMTMaster ClassMT-MDE1.0<p>SecOps team members, device administrators and all interested responsible.</p><h5>Microsoft Defender XDR</h5><ul> <li>Overview of MS Defender XDR</li><li>MDE overview and licensing</li><li>MDE vs. Microsoft Intune</li><li>Zero Trust and MDE</li></ul><h5>Microsoft Defender for Endpoint</h5><ul> <li>MDE architecture</li><li>MDE portal</li><li>MDE activation</li><li>MDE roles and permissions</li></ul><h5>Onboarding/Offboarding</h5><ul> <li>Windows devices via local script, MS Intune and Group policies</li><li>MacOS devices via local script and MS Intune</li><li>Linux and Windows Server via Azure Arc</li><li>Troubleshoot onboarding issues</li><li>Offboard devices</li></ul><h5>Endpoint protection &ndash; Attack surface reduction</h5><ul> <li>Service to Service connection to Microsoft Intune</li><li>Attack surface reduction rules</li><li>Controlled folder access</li><li>Device control</li></ul><h5>Endpoint protection &ndash; Next-generation protection</h5><ul> <li>Cloud protection</li><li>Behavior monitoring</li><li>Real-time protection</li><li>EDR in block mode</li></ul><h5>Endpoint detection and response</h5><ul> <li>Alerts and Incidents management</li><li>Automated investigation and response (AIR)</li><li>Remediation actions</li><li>Device investigation</li><li>Device response actions</li></ul><h5>Additional configurations</h5><ul> <li>Advanced features</li><li>Indicators</li><li>Web content filtering</li><li>Vulnerability Management</li></ul><h5>Advanced Hunting</h5><ul> <li>KQL primer</li><li>Important MDE queries</li></ul><h5>Endpoint DLP (if time permits)</h5>SecOps team members, device administrators and all interested responsible.Microsoft Defender XDR - Overview of MS Defender XDR - MDE overview and licensing - MDE vs. Microsoft Intune - Zero Trust and MDE Microsoft Defender for Endpoint - MDE architecture - MDE portal - MDE activation - MDE roles and permissions Onboarding/Offboarding - Windows devices via local script, MS Intune and Group policies - MacOS devices via local script and MS Intune - Linux and Windows Server via Azure Arc - Troubleshoot onboarding issues - Offboard devices Endpoint protection – Attack surface reduction - Service to Service connection to Microsoft Intune - Attack surface reduction rules - Controlled folder access - Device control Endpoint protection – Next-generation protection - Cloud protection - Behavior monitoring - Real-time protection - EDR in block mode Endpoint detection and response - Alerts and Incidents management - Automated investigation and response (AIR) - Remediation actions - Device investigation - Device response actions Additional configurations - Advanced features - Indicators - Web content filtering - Vulnerability Management Advanced Hunting - KQL primer - Important MDE queries Endpoint DLP (if time permits)4 days3995.003995.003995.003325.003995.003995.00