MEAPSA

Perform evidence and entities investigations using Microsoft Defender for Endpoint

Learn about the artifacts in your environment and how they relate to other artifacts and alerts that will provide you with insight to understand the overall impact to your environment.

Security Operations Analyst

Microsoft 365

Defender Endpoint

Module Objectives

Upon completion of this module, the learner will be able to:

Investigate files in Microsoft Defender for Endpoint
Investigate domains and IP addresses in Microsoft Defender for Endpoint
Investigate user accounts in Microsoft Defender for Endpoint

Units

Introduction min
Investigate a file min
Investigate a user account min
Investigate an IP address min
Investigate a domain min
Knowledge check min
Summary and resources min

Prerequisites

Intermediate understanding of Windows 10.