What’s Included?

  • High-Quality Video, E-book & Audiobook
  • Module Quizzes
  • AI Mentor
  • Access for Tablet & Phone

Prerequisites

    • Experience using the Microsoft Defender portal
    • Basic understanding of Microsoft Defender for Endpoint
    • Familiarity with Microsoft Sentinel
    • Experience with Kusto Query Language (KQL)

Skills You’ll Gain

  • Security Incident Investigation
  • Endpoint Protection Setup
  • Automated Threat Response
  • Advanced Threat Hunting
  • KQL Querying Skills
  • Threat Analytics Review
  • Incident Workflow Automation
  • SIEM Data Analysis

Self Study Materials Included

Videos

Engaging visual content to enhance understanding and learning experience.

Podcasts

Insightful audio sessions featuring expert discussions and real-world cases.

Audiobooks

Listen and learn anytime with convenient audio-based knowledge sharing.

E-Books

Comprehensive digital guides offering in-depth knowledge and learning support.

Module-Wise Quizzes

Interactive assessments to reinforce learning and test conceptual clarity.

Additional Resources

Supplementary references and a list of tools to deepen knowledge and practical application.

Tools You’ll Master

Microsoft Secure Score

Microsoft Defender XDR

Microsoft Defender Portal

Kusto Query Language (KQL)

What You’ll Learn

Deploy Defender for Endpoint

Set up endpoint protection across devices and workloads.

Investigate & Respond to Alerts

Manage incidents and automate responses with XDR tools.

Hunt Threats with KQL

Use advanced queries for proactive threat detection.

Analyze Security Intelligence

Review reports and insights for informed decision-making.

Course Modules

Lesson 1: Defend against cyberthreats with Microsoft Defender XDR

Module 1: Mitigate incidents using Microsoft Defender

Module 2: Deploy the Microsoft Defender for Endpoint environment

Module 3: Configure for alerts and detections in Microsoft Defender for Endpoint

Module 4: Configure and manage automation using Microsoft Defender for Endpoint

Module 5: Perform device investigations in Microsoft Defender for Endpoint

Frequently Asked Questions

It’s an extended detection and response solution that integrates multiple Defender products for unified threat protection.

Yes, access to a Microsoft 365 E5 tenant with Defender for Endpoint P2 is required for exercises.

Yes, it includes practical labs and exercises for real-world threat scenarios.

It’s a feature in Defender XDR that uses KQL to query and detect threats across your environment.

Security operations analysts and IT professionals responsible for threat detection and response.