Hands-On Microsoft Security
Tuesday, May 12, 2020
Learnlab at MicroWarehouse
09:30 - 17:00
Security & Continuity
This course is being presented by Simon Binder who is a Microsoft Most Valuable Professional (MVP) and Microsoft Certified Trainer (MCT). Simon is passionate about sharing knowledge. He’s a frequent speaker, blogger & podcaster, as well as a penguin fanatic.
The course has been designed to cover Microsoft Security across Microsoft 365, Enterprise Mobility & Security and Azure. This is a technical course and the following areas will be covered:
Identity and sync
Set-up sync, Identity protection, risk score as well as Azure ATP.
Securing using MFA and Conditional Access, including hardware tokens
Compliance with Intune
Treat protection in Office 365
Briefly touch on this, just to explain its place in the treat protection story.
Integrations and Endpoint Security
Connecting Intune, MD ATP, O365 ATP and Azure ATP -> Sending logs to Sentinel
Configuring alerts, remediation or reporting for MD ATP
Configure a secure Windows client using Microsoft Intune
BitLocker, including community solutions.
Onboarding to MD ATP
Additional security configurations, Security Baselines, Exploit Guard, Windows Defender
Incident response and proactive countermeasures
Sharing stories from the field, how to behave in the case of an incident, how to rebuild.
Securing additional platforms
MacOS with MD ATP, Encryption, compliance and configuration
Basic MDM security for iOS/iPadOS and Android
During the 2 days participants will configure and manage a majority of threat and identity protection features and services that are part of Microsoft 365. The course will be highly hands-on and Simon will share stories, insights and experiences working for one of the worlds leading Cyber Security and Incident Response teams.
A secure hybrid identity environment will be created and configuring a number of proactive security features to protect from both internal and external attacks.
The participants will then get an insight into Office 365 ATP (Advanced Threat Protection) and how it integrates with the full security stack in Microsoft 365, before continuing to Microsoft Defender ATP.
With the gathered intelligence from Microsoft Defender, Office 365 and Azure ATP we will discover how to get insight into your own security and treat protection landscape using Azure Sentinel. Based on the data, we will configure alerts, remediations and reporting for Microsoft Defender Advanced Threat protection (MDATP).
With all of this in place the next step is to secure the endpoints. The focus of this course will be Windows 10, but it will extend into other operating systems as well. We will configure encryption, treat protection, antimalware and advanced exploit protection using primarily Microsoft Intune.
Simon will also share stories from the field in terms of incident response and proactive work with small and large customers from all over the world.
There is also the opportunity to dive deeper into additional operating system with focus on Mac OS.