SC-5004: Defend against cyberthreats with Microsoft Defender XDR
Course Overview
SC-5004: Defend Against Cyberthreats with Microsoft Defender XDR is a hands-on, instructor-led course designed for cybersecurity professionals aiming to strengthen their threat detection and response capabilities using Microsoft Defender Extended Detection and Response (XDR). This course provides an in-depth understanding of how to leverage Microsoft Defender XDR’s unified security platform to proactively detect, investigate, and respond to complex cyber threats across endpoints, identities, cloud workloads, and applications.
Participants will explore advanced threat analytics, automated investigation, and response orchestration to enhance organizational security posture and resilience. The course emphasizes practical application of Microsoft Defender tools to defend against modern cyberattacks effectively.
Audience
This course is intended for:
Security Operations Center (SOC) analysts and incident responders using Microsoft Defender XDR
Cybersecurity engineers and architects managing integrated threat protection solutions
IT security professionals focused on endpoint, identity, and cloud workload security
Professionals preparing for Microsoft security certifications related to Defender and XDR
Prior experience with Microsoft security products and foundational cybersecurity knowledge are recommended for optimal learning.
Course Outline
Module 1: Understanding Microsoft Defender XDR
Overview of Extended Detection and Response (XDR) capabilities
Components and architecture of Microsoft Defender XDR
Mapping common cyber threats and attack vectors
Module 2: Endpoint Protection and Response
Deploying and configuring Microsoft Defender for Endpoint
Utilizing Endpoint Detection and Response (EDR) features
Analyzing endpoint alerts and telemetry data
Module 3: Identity and Access Security
Integrating Microsoft Defender for Identity and Azure AD protection
Detecting identity-based threats and compromised credentials
Implementing conditional access and zero trust principles
Module 4: Cloud Workload and Application Security
Protecting Azure workloads with Microsoft Defender for Cloud
Securing Office 365 with Microsoft Defender for Office 365
Managing cloud app security and data protection
Module 5: Threat Detection, Investigation, and Hunting
Leveraging Microsoft Sentinel for centralized security analytics
Performing threat hunting using Microsoft Defender XDR tools
Automating investigations with Microsoft’s AI-driven capabilities
Module 6: Incident Response and Remediation
Designing effective incident response workflows
Using automated investigation and remediation (AIR) in Defender
Best practices for containment, mitigation, and recovery
Hands-On Experience
This course includes 40% to 50% hands-on exercises, providing practical experience in deploying, configuring, and managing Microsoft Defender XDR to detect and defend against cyber threats in real-world scenarios.
Hands-On Labs
This course includes practical, hands-on laboratory exercises to reinforce your learning.