Skip to main content

Threat Detection: Planning for a Secure Enterprise


Learn about threat detection as part of a defense in-depth strategy to protect, detect, and respond to cybercrime.

Enrollment is Closed

About this course

This course is part of the Microsoft Professional Program in Cybersecurity.

By 2021, worldwide cybercrime damage is expected to reach $6 trillion—double what it cost businesses in 2015. Unapproved apps, unmanaged devices, poor password protection, and other security issues are leaving far too many organizations vulnerable to attack. And as organizations embrace digital transformation, it becomes increasingly urgent for the organization to increase control over their IT infrastructure and reduce security risks.

This course is an overview of threat detection as part of a defense in-depth strategy. You will learn how to protect, detect, and respond to cybercrime as you explore the capabilities of threat detection and mitigation tools.

What you'll learn

After completing this course, students will be able to:

  • Describe signature-based and behavioral / heuristic detection methods
  • List the capabilities of on-premise threat detection and mitigation tools
  • Name the capabilities of hybrid and cloud threat detection and mitigation tools
  • Recognize the importance of Enterprise threat detection monitoring

Prerequisites

  • The current cybersecurity ecosystem
  • Analysis of hacks on computers and networks
  • Basic Risk Management

Course Syllabus

Module 1 Introduction to threat detection as part of the defense in-depth strategy
  • An overview of the modern cyber threat landscape
  • Integrating pre-breach and post-breach approaches to mitigate cyber threats
  • Comparing signature-based and behavioral/heuristic detection methods
  • Combating threat persistence
Module 2 Detecting threats in on-premises environments
  • Windows Defender Advanced Threat Protection
  • Microsoft Advanced Threat Analytics
  • Microsoft Enterprise Threat Detection
  • Microsoft Security Risk Detection
  • Antimalware Scan Interface
  • Logging and Auditing
  • Threat detection tools
Module 3 Detecting threats in hybrid and cloud environments
  • Office 365 Advanced Threat Protection
  • Office 365 Cloud App Security and Microsoft Cloud App Security
  • Azure Advanced Threat Detection
  • Azure Active Directory Identity Protection
  • Azure Active Directory Identity Threat Detection
  • Microsoft Operations Management Suite (OMS)
  • Azure Security Center
  • Advanced Threat Detection Features - Other Azure Services
  • Third-party ATD capabilities through Azure Marketplace
  • Azure Logging and Auditing
  • Microsoft 365
Module 4 Analyzing threat detection solutions in action
  • Detecting persistent threats by using Windows Defender Advanced Threat Protection and Advanced Threat Analytics
  • Enterprise Threat Detection behavioral monitoring

Meet the instructors

Marcin Policht

Marcin Policht

System Engineer
SR Tech

Marcin is a systems engineer with 20+ years of experience in IT.

  • MVP: Microsoft MVP in Directory Services for the last 10 years
  • MCT: Microsoft Certified Trainer
  1. Course Number

    INF249x
  2. Classes Start

  3. Classes End

  4. Estimated Effort

    Total 8 to 16 hours