Secure AI Solutions in the Cloud Using Microsoft Defender for Cloud and Microsoft Entra (SC-5009)
Course 8777
1 DAY COURSE

Course Outline

This course introduces security professionals to the security operations capabilities of Microsoft Defender XDR. Participants learn how to investigate, detect, analyze, and respond to threats using Microsoft Defender XDR tools and services.

Learners gain hands-on experience working with incident management, threat hunting, automated investigation and response, and extended detection and response capabilities across Microsoft security solutions.

The course focuses on practical security operations workflows that support enterprise cybersecurity monitoring and incident response initiatives.

Secure AI Solutions in the Cloud Using Microsoft Defender for Cloud and Microsoft Entra (SC-5009) Benefits

Course Benefits

  • Learn how to investigate and respond to security incidents using Microsoft Defender XDR
  • Gain practical experience with enterprise threat detection workflows
  • Develop skills in incident analysis and threat hunting
  • Understand automated investigation and remediation capabilities
  • Learn how Microsoft security tools integrate across environments
  • Improve operational cybersecurity response capabilities
  • Gain hands-on experience with Microsoft official labs
  • Supports hybrid and remote attendance through AnyWare®

Prerequisites

  • Basic understanding of cybersecurity concepts
  • Familiarity with Microsoft 365 environments
  • Basic knowledge of security operations concepts
  • Understanding of identity and endpoint security recommended

Secure AI Cloud Solutions Training Outline

Learning Objectives

Describe Microsoft Defender XDR

  • Describe Microsoft Defender XDR capabilities
  • Explore the Microsoft Defender portal
  • Understand XDR concepts and architecture
  • Identify Microsoft Defender XDR components

Investigate incidents in Microsoft Defender XDR

  • Review incidents and alerts
  • Analyze incident details
  • Correlate related alerts
  • Manage incident investigations

Use threat hunting capabilities

  • Explore advanced hunting features
  • Query security data
  • Investigate suspicious activities
  • Analyze threat intelligence information

Respond to threats with Microsoft Defender XDR

  • Use automated investigation and response
  • Remediate threats and incidents
  • Manage response actions
  • Monitor remediation activities

Explore Microsoft Defender XDR reporting and monitoring

  • Review security dashboards
  • Monitor security posture
  • Analyze operational reports
  • Track threat and incident trends
Note about the Certification Exam

When you register for the course, you will be prompted to choose Y/N to take the exam. Please select yes, as all HHS CISO employees are required to attempt the exam if one is offered for the course. Please be advised that if your course is funded by DIR, the Certification Organization has agreed to provide DIR the pass/fail status of your exam. DIR will only share this information in an aggregated report to state leadership that reflects total exam passes or fails. No individual names of any students will be included in any reports.

DIR requires that you submit the request for your exam voucher within one month of the last day of your course. DIR requires that you take your exam within six months of the last day of your course.
