Microsoft Security Engineer Training - Panama

Microsoft Security Engineer Training

Our Microsoft training

course is accredited by Microsoft

The Microsoft Security Engineer Training equips professionals with skills to protect systems, data, and networks. This training excels in preparing delegates by providing hands-on skills that align with industry standards, ensuring their readiness for the cybersecurity field

REASONS TO CHOOSE

Gain a deep understanding of Microsoft's security technologies and strategies
Master compliance standards & regulations to ensure data protection & legal adherence
Learn to secure cloud-based services with this Microsoft Security Engineer Training
Acquire the skills to set up and manage security monitoring systems
Obtain a Microsoft Certification and gain a competitive edge in the job market

View courses

Our Microsoft training

course is accredited by Microsoft

Microsoft Security Engineer Training

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (4 days)

Online Self-paced (32 hours)

Microsoft Security Operations Analyst SC200 Course Outline

Module 1: Introduction to Microsoft 365 Threat Protection

Introduction
Explore Extended Detection and Response (XDR) Response Use Cases
Understand Microsoft 365 Defender in a Security Operations Centre (SOC)
Explore Microsoft Security Graph
Investigate Security Incident in Microsoft 365 Defender

Module 2: Mitigate Incidents Using Microsoft 365 Defender

Introduction
Use the Microsoft 365 Defender Portal
Manage Incidents
Investigate Incidents
Manage and Investigate Alerts
Manage Automated Investigations
Use the Action Centre
Explore Advanced Hunting
Investigate Azure AD Sign-In Logs
Understand Microsoft Secure Score
Analyse Threat Analytics
Analyse Reports
Configure the Microsoft 365 Defender Portal

Module 3: Protect Your Identities with Azure AD Identity Protection

Introduction
Azure AD Identity Protection Overview
Detect Risks with Azure AD Identity Protection Policies
Investigate and Remediate Risks Detected by Azure AD Identity Protection

Module 4: Remediate Risks with Microsoft Defender for Office 365

Introduction to Microsoft Defender for Office 365
Automate, Investigate, and Remediate
Configure, Protect, and Detect
Simulate Attacks

Module 5: Safeguard Your Environment with Microsoft Defender for Identity

Introduction to Microsoft Defender for Identity
Configure Microsoft Defender for Identity Sensors
Review Compromised Accounts or Data
Integrate with Other Microsoft Tools

Module 6: Secure Your Cloud Apps and Services with Microsoft Defender for Cloud Apps

Introduction
Understand the Defender for Cloud Apps Framework
Explore Your Cloud Apps with Cloud Discovery
Protect Your Data and Apps with Conditional Access App Control
Walk Through Discovery and Access Control with Microsoft Defender for Cloud Apps
Classify and Protect Sensitive Information
Detect Threats

Module 7: Respond to Data Loss Prevention Alerts Using Microsoft 365

Introduction
Describe Data Loss Prevention Alerts
Investigate Data Loss Prevention Alerts in Microsoft Purview
Investigate Data Loss Prevention Alerts in Microsoft Defender for Cloud Apps

Module 8: Manage Insider Risk in Microsoft Purview

Insider Risk Management Overview
Introduction to Managing Insider Risk Policies
Create and Manage Insider Risk Policies
Knowledge Check
Investigate Insider Risk Alerts
Take Action on Insider Risk Alerts through Cases
Manage Insider Risk Management Forensic Evidence
Create Insider Risk Management Notice Templates

Module 9: Investigate Threats by Using Audit Features in Microsoft 365 Defender and Microsoft Purview Standard

Introduction to Threat Investigation with the Unified Audit Log (UAL)
Explore Microsoft Purview Audit Solutions
Implement Microsoft Purview Audit (Standard)
Start Recording Activity in the Unified Audit Log
Search the Unified Audit Log (UAL)
Export, Configure, and View Audit Log Records
Use Audit Log Searching to Investigate Common Support Issues

Module 10: Investigate Threats Using Audit in Microsoft 365 Defender and Microsoft Purview (Premium)

Introduction to Threat Investigation with the Unified Audit Log (UAL)
Explore Microsoft Purview Audit Solutions
Implement Microsoft Purview Audit (Standard)
Start Recording Activity in the Unified Audit Log
Search the Unified Audit Log (UAL)
Export, Configure, and View Audit Log Records
Use Audit Log Searching to Investigate Common Support Issues

Module 11: Investigate Threats with Content Search in Microsoft Purview

Introduction
Explore Microsoft Purview eDiscovery Solutions
Create a Content Search
View the Search Results and Statistics
Export the Search Results and Search Report
Configure Search Permissions Filtering
Search for and Delete Email Messages

Module 12: Protect Against Threats with Microsoft Defender for Endpoint

Introduction to Microsoft Defender for Endpoint
Practice Security Administration
Hunt Threats within Your Network

Module 13: Deploy the Microsoft Defender for Endpoint Environment

Introduction
Create Your Environment
Understand Operating Systems Compatibility and Features
Onboard Devices
Manage Access
Create and Manage Roles for Role-Based Access Control
Configure Device Groups
Configure Environment Advanced Features

Module 14: Implement Windows Security Enhancements with Microsoft Defender for Endpoint

Introduction
Understand Attack Surface Reduction
Enable Attack Surface Reduction Rules

Module 15: Perform Device Investigations in Microsoft Defender for Endpoint

Introduction
Use the Device Inventory List
Investigate the Device
Use Behavioral Blocking
Detect Devices with Device Discovery

Module 16: Perform Actions on a Device Using Microsoft Defender for Endpoint

Introduction
Explain Device Actions
Run Microsoft Defender Antivirus Scan on Devices
Collect Investigation Package from Devices
Initiate Live Response Session

Module 17: Perform Evidence and Entities Investigations Using Microsoft Defender for Endpoint

Introduction
Investigate a File
Investigate a User Account
Investigate an IP Address
Investigate a Domain

Module 18: Configure and Manage Automation Using Microsoft Defender for Endpoint

Introduction
Configure Advanced Features
Manage Automation Upload and Folder Settings
Configure Automated Investigation and Remediation Capabilities
Block At-Risk Devices

Module 19: Configure for Alerts and Detections in Microsoft Defender for Endpoint

Introduction
Configure Advanced Features
Configure Alert Notifications
Manage Alert Suppression
Manage Indicators

Module 20: Utilise Vulnerability Management in Microsoft Defender for Endpoint

Introduction
Understand Vulnerability Management
Explore Vulnerabilities on Your Devices
Manage Remediation

Module 21: Plan for Cloud Workload Protections Using Microsoft Defender for Cloud

Introduction
Explain Microsoft Defender for Cloud
Describe Microsoft Defender for Cloud Workload Protections
Exercise – Microsoft Defender for Cloud Interactive Guide
Enable Microsoft Defender for Cloud

Module 22: Connect Azure Assets to Microsoft Defender for Cloud

Introduction
Explore and Manage Your Resources with Asset Inventory
Configure Auto Provisioning
Manual Log Analytics Agent Provisioning

Module 23: Connect Non-Azure Resources to Microsoft Defender for Cloud

Introduction
Protect Non-Azure Resources
Connect Non-Azure Machines
Connect Your AWS Accounts
Connect Your GCP Accounts

Module 24: Manage Your Cloud Security Posture Management

Introduction
Explore Secure Score
Explore Recommendations
Measure and Enforce Regulatory Compliance
Understand Workbooks

Module 25: Explain Cloud Workload Protections in Microsoft Defender for Cloud

Introduction
Understand Microsoft Defender for Servers
Understand Microsoft Defender for App Service
Understand Microsoft Defender for Storage
Understand Microsoft Defender for SQL
Understand Microsoft Defender for Open-Source Databases
Understand Microsoft Defender for Key Vault
Understand Microsoft Defender for Resource Manager
Understand Microsoft Defender for DNS
Understand Microsoft Defender for Containers
Understand Microsoft Defender Additional Protections

Module 26: Remediate Security Alerts Using Microsoft Defender for Cloud

Introduction
Understand Security Alerts
Remediate Alerts and Automate Responses
Suppress Alerts from Defender for Cloud
Generate Threat Intelligence Reports
Respond to Alerts from Azure Resources

Module 27: Construct KQL Statements for Microsoft Sentinel

Introduction
Understand the Kusto Query Language Statement Structure
Use the Search Operator
Use the Where Operator
Use the Let Statement
Use the Extend Operator
Use the Order By Operator
Use the Project Operators

Module 28: Analyse Query Results Using KQL

Introduction
Use the Summarise Operator
Use the Summarise Operator to Filter Results
Use the Summarise Operator to Prepare Data
Use the Render Operator to Create Visualisations

Module 29: Build Multi-Table Statements Using KQL

Introduction
Use the Union Operator
Use the Join Operator

Module 30: Work with Data in Microsoft Sentinel Using Kusto Query Language

Introduction
Extract Data from Unstructured String Fields
Extract Data from Structured String Data
Integrate External Data
Create Parsers with Functions

Module 31: Introduction to Microsoft Sentinel

Introduction
What is Microsoft Sentinel?
How Microsoft Sentinel Works?
When to Use Microsoft Sentinel?

Module 32: Create and Manage Microsoft Sentinel Workspaces

Introduction
Plan for the Microsoft Sentinel Workspace
Create a Microsoft Sentinel Workspace
Manage Workspaces Across Tenants Using Azure Lighthouse
Understand Microsoft Sentinel Permissions and Roles
Manage Microsoft Sentinel Settings
Configure Logs

Module 33: Query Logs in Microsoft Sentinel

Introduction
Query Logs in the Logs Page
Understand Microsoft Sentinel Tables
Understand Common Tables
Understand Microsoft 365 Defender Tables

Module 34: Use Watchlists in Microsoft Sentinel

Introduction
Plan for Watchlists
Create a Watchlist
Manage Watchlists

Module 35: Utilise Threat Intelligence in Microsoft Sentinel

Introduction
Define Threat Intelligence
Manage Your Threat Indicators
View Your Threat Indicators with KQL

Module 36: Connect Data to Microsoft Sentinel Using Data Connectors

Introduction
Ingest Log Data with Data Connectors
Understand Data Connector Providers
View Connected Hosts

Module 37: Connect Microsoft Services to Microsoft Sentinel

Introduction
Plan for Microsoft Services Connectors
Connect the Microsoft Office 365 Connector
Connect the Azure Active Directory Connector
Connect the Azure Active Directory Identity Protection Connector
Connect the Azure Activity Connector

Module 38: Connect Microsoft 365 Defender to Microsoft Sentinel

Introduction
Plan for Microsoft 365 Defender Connectors
Connect the Microsoft 365 Defender Connector
Connect Microsoft Defender for Cloud Connector
Connect Microsoft Defender for IoT
Connect Microsoft Defender Legacy Connectors

Module 39: Connect Windows Hosts to Microsoft Sentinel

Introduction
Plan for Windows Hosts Security Events Connector
Connect Using the Windows Security Events via AMA Connector
Connect Using the Security Events via Legacy Agent Connector
Collect Sysmon Event Logs

Module 40: Connect Common Event Format Logs to Microsoft Sentinel

Introduction
Plan for Common Event Format Connector
Connect Your External Solution Using the Common Event Format Connector

Module 41: Connect Syslog Data Sources to Microsoft Sentinel

Introduction
Plan for Syslog Data Collection
Collect Data from Linux-Based Sources Using Syslog
Configure the Data Collection Rule for Syslog Data Sources
Parse Syslog Data with KQL

Module 42: Connect Threat Indicators to Microsoft Sentinel

Introduction
Plan for Threat Intelligence Connectors
Connect the Threat Intelligence TAXII Connector
Connect the Threat Intelligence Platforms Connector
View Your Threat Indicators with KQL

Module 43: Threat Detection with Microsoft Sentinel Analytics

Introduction
Exercise - Detect Threats with Microsoft Sentinel Analytics
What is Microsoft Sentinel Analytics?
Types of Analytics Rules
Create an Analytics Rule from Templates
Create an Analytics Rule from Wizard
Manage Analytics Rules
Exercise - Detect Threats with Microsoft Sentinel Analytics

Module 44: Automation in Microsoft Sentinel

Introduction
Understand Automation Options
Create Automation Rules

Module 45: Security Incident Management in Microsoft Sentinel

Introduction
Exercise - Set Up the Azure Environment
Understand Incidents
Incident Evidence and Entities
Incident Management
Exercise - Investigate an Incident

Module 46: Identify Threats with Behavioral Analytics

Introduction
Understand Behavioral Analytics
Explore Entities
Display Entity Behavior Information
Use Anomaly Detection Analytical Rule Templates

Module 47: Data Normalisation in Microsoft Sentinel

Introduction
Understand Data Normalisation
Use ASIM Parsers
Understand Parameterised KQL Functions
Create an ASIM Parser
Configure Azure Monitor Data Collection Rules

Module 48: Query, Visualise, and Monitor Data in Microsoft Sentinel

Introduction
Exercise - Query and Visualise Data with Microsoft Sentinel Workbooks
Monitor and Visualise Data
Query Data Using Kusto Query Language
Use Default Microsoft Sentinel Workbooks
Create a New Microsoft Sentinel Workbook
Exercise - Visualise Data Using Microsoft Sentinel Workbooks

Module 49: Manage Content in Microsoft Sentinel

Introduction
Use Solutions from the Content Hub
Use Repositories for Deployment

Module 50: Explain Threat Hunting Concepts in Microsoft Sentinel

Introduction
Understand Cybersecurity Threat Hunts
Develop a Hypothesis
Explore MITRE ATT and CK

Module 51: Threat Hunting with Microsoft Sentinel

Introduction
Exercise Setup
Explore Creation and Management of Threat-Hunting Queries
Save Key Findings with Bookmarks
Observe Threats Over Time with Livestream
Exercise - Hunt for Threats by Using Microsoft Sentinel

Module 52: Use Search Jobs in Microsoft Sentinel

Introduction
Hunt with a Search Job
Restore Historical Data

Module 53: Hunt for Threats Using Notebooks in Microsoft Sentinel

Introduction
Access Azure Sentinel Data with External Tools
Hunt with Notebooks
Create a Notebook
Explore Notebook Code

Explore Course Information

See dates & prices

Who should attend this Microsoft Security Operations Analyst SC200 Training Course?

This Microsoft Security Operations Analyst SC200 Course is designed for individuals who are interested in developing their skills and expertise in the field of Security Operations and Threat Detection and Response using Microsoft technologies. This training course is especially beneficial for the following professionals:

Cybersecurity Analysts
Threat Detection Specialists
Security Engineers
Incident Responders
IT Administrators
Network Administrators
Cloud Security Analysts

Prerequisites of the Microsoft Security Operations Analyst SC200 Training Course

There are no formal prerequisites for this Microsoft Security Operations Analyst SC200 Course. However, basic knowledge of Cybersecurity and IT concepts would be beneficial for the delegates.

Microsoft Security Operations Analyst SC200 Course Overview

The Microsoft Security Operations Analyst SC200 Training is a vital course that equips professionals with the knowledge and skills needed to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. In today's cybersecurity landscape, the ability to mitigate cyberthreats is of utmost importance, making this course highly relevant and valuable.

Professionals involved in Security Operations roles, including Security Engineers, Analysts, and those responsible for safeguarding digital assets, should aim to master this subject. With the increasing sophistication of cyber threats, knowing how to effectively use these technologies and Kusto Query Language (KQL) is crucial for ensuring the security and resilience of an organisation's digital infrastructure.

The 4-day training course offered by the Knowledge Academy is designed to empower delegates with the practical skills and knowledge necessary to excel in a Security Operations job role. This course focuses on configuring and using Microsoft Sentinel and utilising KQL for detection, analysis, and reporting. It also prepares delegates for the SC-200: Microsoft Security Operations Analyst exam, making it a comprehensive and valuable training opportunity.

Course Objectives

To investigate and respond to threats using Microsoft Sentinel
To utilise Kusto Query Language (KQL) for threat detection and analysis
To configure Microsoft Sentinel for effective threat mitigation
To enhance threat hunting capabilities using Microsoft Defender for Cloud and Microsoft 365 Defender
To master the practical skills necessary for a Security Operations job role

Upon completion of this Microsoft Security Engineer Training Course, delegates will benefit from an advanced skill set and in-depth knowledge of threat mitigation using Microsoft security technologies. They will be well-prepared to effectively respond to cyber threats, enhancing their organisation's security posture and contributing to a safer digital environment.

Explore Course Information

See dates & prices

What’s included in this Microsoft Security Operations Analyst SC200 Training Course?

World-Class Training Sessions from Experienced Instructors
Microsoft Security Operations Analyst SC200 Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (4 days)

Online Self-paced (32 hours)

Microsoft Identity and Access Administrator SC300 Course Outline

Module 1: Explore Identity and Azure AD

Introduction
Explain the Identity Landscape
Explore Zero Trust with Identity
Discuss Identity as a Control Plane
Explore Why We Have Identity
Define Identity Administration
Contrast Decentralised Identity with Central Identity Systems
Discuss Identity Management Solutions
Explain Azure AD Business to Business
Compare Microsoft Identity Providers
Define Identity Licensing
Explore Authentication
Discuss Authorisation
Explain Auditing in Identity

Module 2: Implement Initial Configuration of Azure Active Directory

Introduction
Configure Company Brand
Configure and Manage Azure Active Directory Roles
Exercise: Manage Users Roles
Configure Delegation by Using Administrative Units
Analyse Azure AD Role Permissions
Configure and Manage Custom Domains
Configure Tenant-Wide Settings
Exercise: Setting Tenant-Wide Properties

Module 3: Create, Configure, and Manage Identities

Introduction
Create, Configure, and Manage Users
Exercise: Assign Licenses to Users
Exercise: Restore or Remove Deleted Users
Create, Configure, and Manage Groups
Exercise: Add Groups in Azure Active Directory
Configure and Manage Device Registration
Manage Licenses
Exercise: Change Group License Assignments
Exercise: Change User License Assignments
Create Custom Security Attributes
Explore Automatic User Creation

Module 4: Implement and Manage External Identities

Introduction
Describe Guest Access and Business to Business Accounts
Manage External Collaboration
Exercise: Configure External Collaboration
Invite External Users - Individually and in Bulk
Exercise: Add Guest Users to Directory
Exercise: Invite Guest Users in Bulk
Demo: Manage Guest Users in Azure Active Directory
Manage External User Accounts in Azure Active Directory
Manage External Users in Microsoft 365 Workloads
Exercise: Explore Dynamic Groups
Implement Cross-Tenant Access Controls
Configure Identity Providers
Implement and Manage Entra Verified ID

Module 5: Implement and Manage Hybrid Identity

Introduction
Plan, Design, and Implement Azure Active Directory Connect
Implement Manage Password Hash Synchronisation (PHS)
Implement Manage Pass-Through Authentication (PTA)
Demo: Manage Pass-Through Authentication and Seamless Single Sign-On (SSO)
Implement and Manage Federation
Troubleshoot Synchronisation Errors
Implement Azure Active Directory Connect Health
Manage Azure Active Directory Connect Health

Module 6: Secure Azure Active Directory Users with Multi-Factor Authentication

Introduction
What Is Azure AD Multi-Factor Authentication?
Plan Your Multi-Factor Authentication Deployment
Exercise: Enable Azure AD Multi-Factor Authentication
Configure Multi-Factor Authentication Methods

Module 7: Manage User Authentication

Introduction
Administer FIDO2 and Passwordless Authentication Methods
Explore Authenticator App and OATH Tokens
Implement an Authentication Solution Based on Windows Hello for Business
Exercise: Configure and Deploy Self-Service Password Reset
Deploy and Manage Password Protection
Configure Smart Lockout Thresholds
Exercise: Manage Azure Active Directory Smart Lockout Values
Implement Kerberos and Certificate-Based Authentication in Azure AD
Configure Azure AD User Authentication for Virtual Machines

Module 8: Plan, Implement, and Administer Conditional Access

Introduction
Plan Security Defaults
Exercise: Work with Security Defaults
Plan Conditional Access Policies
Implement Conditional Access Policy Controls and Assignments
Exercise: Implement Conditional Access Policies Roles and Assignments
Test and Troubleshoot Conditional Access Policies
Implement Application Controls
Implement Session Management
Exercise: Configure Authentication Session Controls
Implement Continuous Access Evaluation

Module 9: Manage Azure AD Identity Protection

Introduction
Review Identity Protection Basics
Implement and Manage User Risk Policy
Exercise: Enable Sign-In Risk Policy
Exercise: Configure Azure Active Directory Multi-Factor Authentication Registration Policy
Monitor, Investigate, and Remediate Elevated Risky Users
Implement Security for Workload Identities
Explore Microsoft Defender for Identity

Module 10: Implement Access Management for Azure Resources

Introduction
Assign Azure Roles
Configure Custom Azure Roles
Create and Configure Managed Identities
Access Azure Resources with Managed Identities
Analyse Azure Role Permissions
Configure Azure Key Vault RBAC Policies
Retrieve Objects from Azure Key Vault
Explore Entra Permissions Management (CloudKnox)

Module 11: Plan and Design the Integration of Enterprise Apps for SSO

Introduction
Discover Apps by Using Microsoft Defender for Cloud Apps and Active Directory Federation Services App Report
Configure Connectors to Apps
Exercise: Implement Access Management for Apps
Design and Implement App Management Roles
Exercise: Create a Custom Role to Manage App Registration
Configure Pre-Integrated Gallery SaaS Apps
Implement and Manage Policies for OAuth Apps

Module 12: Implement and Monitor the Integration of Enterprise Apps for SSO

Introduction
Implement Token Customisations
Implement and Configure Consent Settings
Integrate On-Premises Apps by Using Azure Active Directory Application Proxy
Integrate Custom SaaS Apps for Single Sign-On
Implement Application User Provisioning
Monitor and Audit Access to Azure Active Directory Integrated Applications
Create and Manage Application Collections

Module 13: Implement App Registration

Introduction
Plan Your Line of Business Application Registration Strategy
Implement Application Registration
Exercise: Register an Application
Configure Application Permission
Exercise: Grant Tenant-Wide Admin Consent to an Application
Implement Application Authorisation
Exercise: Add App Roles to Application and Receive Tokens
Manage and Monitor Applications with App Governance

Module 14: Plan and Implement Entitlement Management

Introduction
Define Access Packages
Exercise: Create and Manage a Resource Catalog with Azure AD Entitlement
Configure Entitlement Management
Exercise: Add Terms of Use Acceptance Report
Exercise: Manage the Lifecycle of External Users with Azure AD Identity Governance
Configure and Manage Connected Organisations
Review Per-User Entitlements

Module 15: Plan, Implement, and Manage Access Review

Introduction
Plan for Access Reviews
Create Access Reviews for Groups and Apps
Create and Configure Access Review Programs
Monitor Access Review Findings
Automate Access Review Management Tasks
Configure Recurring Access Reviews

Module 16: Plan and Implement Privileged Access

Introduction
Define a Privileged Access Strategy for Administrative Users
Configure Privileged Identity Management for Azure Resources
Exercise: Configure Privileged Identity Management for Azure Active Directory Roles
Exercise: Assign Azure Active Directory Roles in Privileged Identity Management
Exercise: Assign Azure Resource Roles in Privileged Identity Management
Plan and Configure Privileged Access Groups
Analyse Privileged Identity Management Audit History and Reports
Create and Manage Emergency Access Accounts

Module 17: Monitor and Maintain Azure Active Directory

Introduction
Analyse and Investigate Sign-In Logs to Troubleshoot Access Issues
Review and Monitor Azure Active Directory Audit Logs
Exercise: Connect Data from Azure Active Directory to Microsoft Sentinel
Export Logs to Third-Party Security Information and Event Management System
Analyse Azure Active Directory Workbooks and Reporting
Monitor Security Posture with Identity Secure Score

Explore Course Information

See dates & prices

Who should attend this Microsoft Identity and Access Administrator SC300 Training Course?

This Microsoft Identity and Access Administrator SC300 Training Course is designed for individuals who are interested in becoming proficient in managing Identity and Access Management using Microsoft technologies. This training course is especially beneficial for the following professionals:

Identity and Access Managers
Security Administrators
IT Administrators
Security Engineers
Cloud Administrators
Cybersecurity Analysts
Compliance Officers

Prerequisites of the Microsoft Identity and Access Administrator SC300 Training Course

There are no formal prerequisites for this Microsoft Identity and Access Administrator SC300 Training Course. However, basic knowledge of Cybersecurity and IT concepts would be beneficial for the delegates.

Microsoft Identity and Access Administrator SC300 Course Overview

The Microsoft Identity and Access Administrator SC300 Training Course is a pivotal course focused on implementing, designing, and managing an organisation's identity and access management systems with Azure AD (Azure Active Directory). In today's digital landscape, the importance of secure authorisation and authentication access to enterprise applications cannot be overstated, making this course highly relevant.

Professionals responsible for identity and access management, including Security Engineers and Administrators, should aim to master this subject. As identity solutions are integral to modernising an organisation's security posture, implementing identity governance, and achieving hybrid identity solutions, this knowledge is crucial for enhancing an organisation's security and career prospects.

The Knowledge Academy's 4-day Microsoft Identity and Access Administrator SC300 Course is designed to equip delegates with comprehensive knowledge and practical skills for implementing identity management solutions. Topics covered include user authentication management, Azure AD identity protection, App registration, and more. With experienced trainers, this course ensures a complete understanding of identity and access administration, enabling professionals to add valuable skills to their profiles.

Course Objectives

To create, configure, and manage identities effectively
To implement and manage hybrid identity solutions
To secure Azure AD users with Multi-Factor Authentication (MFA)
To plan and implement privileged access for enhanced security
To integrate and monitor enterprise applications for Single Sign-On (SSO)
To implement and manage external identities

Upon completion of this Microsoft Identity and Access Administrator SC300 Course, delegates will be capable of implementing and managing external and hybrid identities, securing Azure AD users with MFA, and effectively integrating enterprise applications for SSO. This knowledge will not only enhance an organisation's identity management but also open doors to valuable career opportunities in the field of security and access administration.

Explore Course Information

See dates & prices

What’s included in this Microsoft Identity and Access Administrator SC300 Training Course?

World-Class Training Sessions from Experienced Instructors
Microsoft Identity and Access Administrator SC300 Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Microsoft Security, Compliance, and Identity Fundamentals SC900 Course Outline

Module 1: Security and Compliance Concepts

Introduction
Describe the Shared Responsibility Model
Describe Defense in Depth
Describe the Zero Trust Model
Describe Encryption and Hashing
Describe Governance, Risk, and Compliance (GRC) Concepts

Module 2: Identity Concepts

Introduction
Define Authentication and Authorisation
Define Identity as the Primary Security Perimeter
Describe the Role of the Identity Provider
Describe the Concept of Directory Services and Active Directory
Describe the Concept of Federation

Module 3: The Function and Identity Types of Microsoft Entra ID

Introduction
Describe Microsoft Entra ID
Describe Types of Identities
Describe Hybrid Identity
Describe External Identities

Module 4: Authentication Capabilities of Microsoft Entra ID

Introduction
Describe Authentication Methods
Describe Multifactor Authentication
Describe Self-Service Password Reset
Describe Password Protection and Management Capabilities

Module 5: Access Management Capabilities of Microsoft Entra ID

Introduction
Describe Conditional Access
Describe Microsoft Entra Roles and Role-Based Access Control (RBAC)

Module 6: Identity Protection and Governance Capabilities of Microsoft Entra

Introduction
Describe Microsoft Entra ID Governance
Describe Access Reviews
Describe Entitlement Management
Describe the Capabilities of Privileged Identity Management
Describe Microsoft Entra ID Protection
Describe Microsoft Entra Permissions Management
Describe Microsoft Entra Verified ID

Module 7: Core Infrastructure Security Services in Azure

Introduction
Describe Azure DDoS Protection
Describe Azure Firewall
Describe Web Application Firewall
Describe Network Segmentation in Azure
Describe Azure Network Security Groups
Describe Azure Bastion
Describe Azure Key Vault

Module 8: Security Management Capabilities of Azure

Introduction
Describe Microsoft Defender for Cloud
Describe How Security Policies and Initiatives Improve Cloud Security Posture
Describe Cloud Security Posture Management
Describe the Enhanced Security of Microsoft Defender for Cloud
Describe DevOps Security Management

Module 9: Security Capabilities of Microsoft Sentinel

Introduction
Define the Concepts of SIEM and SOAR
Describe Threat Detection and Mitigation Capabilities in Microsoft Sentinel
Describe Microsoft Security Copilot

Module 10: Threat Protection with Microsoft 365 Defender

Introduction
Describe Microsoft 365 Defender Services
Describe Microsoft Defender for Office 365
Describe Microsoft Defender for Endpoint
Describe Microsoft Defender for Cloud Apps
Describe Microsoft Defender for Identity
Describe Microsoft Defender Vulnerability Management
Describe Microsoft Defender Threat Intelligence
Describe the Microsoft 365 Defender Portal

Module 11: Microsoft’s Service Trust Portal and Privacy Capabilities

Introduction
Describe the Offerings of the Service Trust Portal
Describe Microsoft's Privacy Principles
Describe Microsoft Privacy

Module 12: Compliance Management Capabilities in Microsoft Purview

Introduction
Describe the Microsoft Purview Compliance Portal
Describe Compliance Manager
Describe Use and Benefits of Compliance Score

Module 13: Information Protection and Data Lifecycle Management in Microsoft Purview

Introduction
Know Your Data, Protect Your Data, and Govern Your Data
Describe the Data Classification Capabilities of the Compliance Portal
Describe Sensitivity Labels and Policies
Describe Data Loss Prevention
Describe Retention Policies and Retention Labels
Describe Records Management

Module 14: Insider Risk Capabilities in Microsoft Purview

Introduction
Describe Insider Risk Management
Describe Communication Compliance
Describe Information Barriers

Module 15: Discovery and Audit Capabilities of Microsoft Purview

Introduction
Describe the eDiscovery Solutions in Microsoft Purview
Describe the Audit Solutions in Microsoft Purview

Module 16: Resource Governance Capabilities in Azure

Introduction
Describe Azure Policy
Describe the Use of Azure Blueprints
Describe the Capabilities in the Microsoft Purview Governance Portal

Explore Course Information

See dates & prices

Who should attend this Microsoft Security, Compliance, and Identity Fundamentals SC900 Training Course?

This Microsoft Security, Compliance, and Identity Fundamentals SC900 Course is designed for individuals who are interested in gaining a foundational knowledge of security, compliance, and identity concepts within the context of Microsoft technologies. This training course is especially beneficial for these professionals:

Cloud Architects
IT Professionals
Security Analysts
Incident Responders
Security Architects
Compliance Officers
Entrepreneurs and Small Business Owners

Prerequisites of the Microsoft Security, Compliance, and Identity Fundamentals SC900 Training Course

There are no formal prerequisites for this Microsoft Security, Compliance, and Identity Fundamentals SC900 Course. However, basic knowledge of IT concepts would be beneficial for the delegates.

Microsoft Security, Compliance, and Identity Fundamentals SC 900 Course Overview

The Microsoft Security, Compliance, and Identity Fundamentals SC900 Course introduces individuals to Microsoft's Security, Compliance, and Identity (SCI) solution, a framework that enhances organisational resilience and security by integrating platforms, clouds, and services. In today's ever-evolving digital landscape, the ability to strengthen cloud workload security and streamline security management is of utmost relevance, making this course highly important.

Professionals looking to excel in technical roles, such as Technical Specialists and Security Architects, should aim to master this subject. With the increasing importance of cloud security, authentication capabilities, access management, compliance management, and insider risk capabilities, understanding these topics is essential for enhancing an organisation's security posture and opening doors to reputable job profiles.

The 1-day training is designed to provide delegates with comprehensive knowledge of security, compliance, and identity. The course covers key areas, including authentication capabilities, access management, security capabilities, and compliance management. With highly experienced trainers, this course ensures a deep understanding of Microsoft's Security, Compliance, and Identity (SCI) solution, empowering professionals with valuable skills.

Course Objectives

To grasp security and compliance concepts and methodologies
To understand the different services and identity types within Azure AD
To explore the security capabilities of Azure Sentinel
To learn about E-Discovery and audit capabilities in Microsoft 365
To understand resource governance capabilities in Azure
To become proficient in managing security and compliance with Microsoft's SCI solution

Upon completion of the Microsoft Security, Compliance, and Identity Fundamentals SC900 Course, delegates will possess the knowledge and skills needed to enhance cloud workload security, streamline security management, and contribute to organisational resilience. This expertise will not only enrich their careers, but also enhance their ability to drive effective security practices within their organisations.

Explore Course Information

See dates & prices

What’s included in this Microsoft Security, Compliance, and Identity Fundamentals SC900 Training Course?

World-Class Training Sessions from Experienced Instructors
Microsoft Security, Compliance, and Identity Fundamentals SC900 Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (4 days)

Microsoft Cybersecurity Architect SC100 Course Outline

Module 1: Introduction to Zero Trust and Best Practice Frameworks

Introduction to Best Practices
Introduction to Zero Trust
Zero Trust Initiatives
Zero Trust Technology Pillars Part 1
Zero Trust Technology Pillars Part 2

Module 2: Design Security Solutions That Align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)

Define a Security Strategy
Introduction to the Cloud Adoption Framework
Cloud Adoption Framework Secure Methodology
Introduction to Azure Landing Zones
Design Security with Azure Landing Zones
Introduction to the Well-Architected Framework
The Well-Architected Framework Security Pillar

Module 3: Design Solutions That Align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft Cloud Security Benchmark (MCSB)

Introduction to Microsoft Cybersecurity Reference Architecture and Cloud Security Benchmark
Design Solutions with Best Practices for Capabilities and Controls
Design Solutions with Best Practices for Protecting Against Insider, External and Supply Chain Attacks.

Module 4: Design a Resiliency Strategy for Ransomware and Other Attacks Based on Microsoft Security Best Practices

Common Cyberthreats and Attack Patterns
Support Business Resiliency
Design Solutions for Mitigating Ransomware Attacks, Including Prioritization of BCDR and Privileged Access
Design Solutions for Business Continuity and Disaster Recovery (BCDR), Including Secure Backup and Restore
Evaluate Solutions for Security Updates

Module 5: Design Solutions for Regulatory Compliance

Introduction to Regulatory Compliance
Translate Compliance Requirements into Security Controls
Design a Solution to Address Compliance Requirements by Using Microsoft Purview
Address Privacy Requirements with Microsoft Priva
Address Security and Compliance Requirements with Azure Policy
Evaluate and Validate Alignment with Regulatory Standards and Benchmarks by Using Microsoft Defender for Cloud

Module 6: Design Solutions for Identity and Access Management

Introduction to Identity and Access Management
Design Cloud, Hybrid and Multicloud Access Strategies (Including Microsoft Entra ID)
Design a Solution for External Identities
Design Modern Authentication and Authorization Strategies
Align Conditional Access and Zero Trust
Specify Requirements to Harden Active Directory Domain Services (AD DS)
Design a Solution to Manage Secrets, Keys, and Certificates

Module 7: Design Solutions for Securing Privileged Access

Introduction to Privileged Access
The Enterprise Access Model
Evaluate the Security and Governance of Microsoft Entra ID Solutions
Design a Solution to Secure Tenant Administration
Design a Solution for Privileged Access Workstations and Bastion Services
Evaluate an Access Review Management Solution
Evaluate the Security and Governance of On-Premises Active Directory Domain Services (AD DS), Including Resilience to Common Attacks

Module 8: Design Solutions for Security Operations

Introduction to Security Operations (SecOps)
Design Monitoring to Support Hybrid and Multicloud Environments
Design Centralized Logging and Auditing, Including Microsoft Purview Audit
Design Security Information and Event Management (SIEM) Solutions
Design Solutions for Detection and Response That Includes Extended Detection and Response (XDR) and Security Information and Event Management (SIEM)
Design a Solution for Security Orchestration, Automation, and Response (SOAR)
Design and Evaluate Security Workflows, Including Incident Response, Threat Hunting, and Incident Management
Design and Evaluate Threat Detection Coverage by Using MITRE ATT&CK Matrices, Including Cloud, Enterprise, Mobile, and ICS

Module 9: Interactive Case Study: Modernizing Identity and Data Security

Introduction
Interactive Case Study
Interactive Case Study Highlights

Module 10: Interactive Case Study: Modernizing User Access Control and Threat Resilience

Introduction
Interactive Case Study
Interactive Case Study Highlights

Module 11: Design Solutions for Securing Microsoft 365

Introduction to Security for Exchange, SharePoint, OneDrive and Teams
Evaluate Security Posture for Productivity and Collaboration Workloads by Using Metrics
Design a Microsoft Defender XDR Solution
Design Configurations and Operational Practices for Microsoft 365
Evaluate Data Security and Compliance Controls in Microsoft Copilot for Microsoft 365 Services
Evaluate Solutions for Securing Data in Microsoft 365 Using Microsoft Purview

Module 12: Design Solutions for Securing Applications

Introduction to Application Security
Design and Implement Standards to Secure Application Development
Evaluate Security Posture of Existing Application Portfolios
Evaluate Application Threats with Threat Modeling
Design Security Lifecycle Strategy for Applications
Secure Access for Workload Identities
Design a Solution for API Management and Security
Design a Solution for Secure Access to Applications

Module 13: Design Solutions for Securing an Organization's Data

Introduction to Data Security
Evaluate Solutions for Data Discovery and Classification
Evaluate Solutions for Encryption of Data at Rest and in Transit, Including Azure KeyVault and Infrastructure Encryption
Design Data Security for Azure Workloads
Design Security for Azure Storage
Design a Security Solution with Microsoft Defender for SQL and Microsoft Defender for Storage

Module 14: Interactive Case Study: Securing Apps and Data

Introduction
Interactive Case Study
Interactive Case Study Highlights

Module 15: Specify Requirements for Securing SaaS, PaaS, and IaaS Services

Introduction to Security for SaaS, PaaS, and IaaS
Specify Security Baselines for SaaS, PaaS, and IaaS Services
Specify Security Requirements for IoT Workloads
Specify Security Requirements for Web Workloads
Specify Security Requirements for Containers and Container Orchestration
Evaluate AI Services Security

Module 16: Design Solutions for Security Posture Management in Hybrid and Multicloud Environments

Introduction to Hybrid and Multicloud Posture Management
Evaluate Security Posture by Using Microsoft Cloud Security Benchmark
Design Integrated Posture Management and Workload Protection
Evaluate Security Posture by Using Microsoft Defender for Cloud
Posture Evaluation with Microsoft Defender for Cloud Secure Score
Design Cloud Workload Protection with Microsoft Defender for Cloud
Integrate Hybrid and Multicloud Environments with Azure Arc
Design a Solution for External Attack Surface Management
Posture Management Using Exposure Management Attack Paths

Module 17: Design Solutions for Securing Server and Client Endpoints

Introduction to Endpoint Security
Specify Server Security Requirements
Specify Requirements for Mobile Devices and Clients
Specify Internet of Things (IoT) and Embedded Device Security Requirements
Secure Operational Technology (OT) and Industrial Control Systems (ICS) with Microsoft Defender for IoT
Specify Security Baselines for Server and Client Endpoints
Design a Solution for Secure Remote Access
Evaluate Windows Local Admin Password Solution (LAPS) Solutions

Module 18: Design Solutions for Network Security

Introduction
Design Solutions for Network Segmentation
Design Solutions for Traffic Filtering with Network Security Groups
Design Solutions for Network Posture Management
Design Solutions for Network Monitoring
Evaluate Solutions That Use Microsoft Entra Internet Access
Evaluate Solutions That Use Microsoft Entra Private Access

Module 19: Interactive Case Study: Securing Endpoints and Infrastructure

Introduction
Interactive Case Study
Interactive Case Study Highlights

Explore Course Information

See dates & prices

Who should attend this Microsoft Cybersecurity Architect SC100 Training Course?

This Microsoft Cybersecurity Architect SC100 Course is beneficial for those who want to gain an in-depth understanding of Microsoft's Cybersecurity Solutions, especially for Microsoft 365 and Azure services. This course can be beneficial for a wide range of professionals, including: including:

Cybersecurity Analysts
Network Administrators
Systems Administrators
Cloud Solutions Architects
Compliance Officers
Security Consultants
DevSecOps Engineers

Prerequisites of the Microsoft Cybersecurity Architect SC100 Training Course

There are no formal prerequisites for attending this Microsoft Cybersecurity Architect SC100 Training Course. However, The SC-100 exam is an advanced, expert-level exam that covers a wide range of cybersecurity topics, so advanced experience and knowledge in identity and access, platform protection, security operations, securing data, and securing applications is recommended.

Microsoft Cybersecurity Architect SC100 Course Overview

The Microsoft Cybersecurity Architect SC100 Course will equip individuals with the skills and knowledge to design and implement security solutions that protect organisations against cyber threats. Its relevance in today's digital age cannot be overstated, as cyber security remains a critical concern for businesses across the globe.

Understanding and proficiency in cybersecurity architecture are crucial for IT professionals safeguarding their organisations' digital assets. This course is particularly beneficial for Cybersecurity Architects, Security Officers, and IT Professionals looking to enhance their skill set in designing and managing secure solutions by industry best practices.

The Knowledge Academy’s intensive 4-day training offers a comprehensive introduction to the principles of cybersecurity architecture within the Microsoft ecosystem. Delegates will gain hands-on experience designing security solutions that leverage Microsoft technologies to enhance organisational security posture. The course aims to empower participants with the knowledge and skills to make informed security decisions that align with business objectives.

Course Objectives

To understand the cybersecurity landscape and the architect’s role in designing secure systems
To learn how to design and implement secure infrastructure and applications
To master the application of security controls and threat protection
To gain proficiency in identity and access management solutions
To develop skills in data protection and encryption strategies

After completing this course, delegates will receive a Microsoft Cybersecurity Architect Certification. This certification validates the delegate's expertise in designing and implementing security solutions. This credential is a testament to the holder's ability to play a pivotal role in protecting their organisation against cyber threats, enhancing their employability and career prospects in cybersecurity.

Explore Course Information

See dates & prices

What’s included in this Microsoft Cybersecurity Architect SC100 Training Course?

World-Class Training Sessions from Experienced Instructors
Microsoft Cybersecurity Architect SC100 Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (4 days)

Online Self-paced (32 hours)

Information Security Administrator SC401 Training Course Outline

Module 1: Protect Sensitive Data in a Digital World

The Growing Need for Data Protection
The Challenges of Managing Sensitive Data
Protect Data in a Zero Trust World
Understand Data Classification and Protection
Prevent Data Leaks and Insider Threats
Manage Security Alerts and Respond to Threats
Protect AI-Generated and AI-Processed Data

Module 2: Classify Data for Protection and Governance

Data Classification Overview
Classify Data Using Sensitive Information Types
Classify Data Using Trainable Classifiers
Create a Custom Trainable Classifier

Module 3: Review and Analyse Data Classification and Protection

Review Classification and Protection Insights
Analyse Classified Data with Data and Content Explorer
Monitor and Review Actions on Labeled Data

Module 4: Create and Manage Sensitive Information Types

Sensitive Information Type Overview
Compare Built-In Versus Custom Sensitive Information Types
Create and Manage Custom Sensitive Information Types
Create and Manage Exact Data Match Sensitive info Types
Implement Document Fingerprinting
Describe Named Entities
Create a Keyword Dictionary

Module 5: Create and Configure Sensitivity Labels with Microsoft Purview

Sensitivity Label Overview
Create and Configure Sensitivity Labels and Label Policies
Configure Encryption with Sensitivity Labels
Implement Auto-Labeling Policies
Track and Evaluate Sensitivity Label Usage in Microsoft Purview

Module 6: Apply Sensitivity Labels for Data Protection

Foundations of Sensitivity Label Integration in Microsoft 365
Manage Sensitivity Labels in Office Apps
Apply Sensitivity Labels with Microsoft 365 Copilot for Secure Collaboration
Protect Meetings with Sensitivity Labels
Apply Sensitivity Labels to Microsoft Teams, Microsoft 365 Groups, and SharePoint Sites

Module 7: Classify and protect on-premises data with Microsoft Purview

Protect On-Premises Files with Microsoft Purview
Prepare your Environment for the Microsoft Purview Information Protection Scanner
Configure and Install the Microsoft Purview Information Protection Scanner
Run and Manage the Scanner
Enforce Data Loss Prevention Policies on On-Premises Files

Module 8: Understand Microsoft 365 encryption

Learn How Microsoft 365 Data is Encrypted at Rest
Understand Service Encryption in Microsoft Purview
Explore Customer Key Management using Customer Key
Learn How Data is Encrypted in-Transit

Module 9: Protect email with Microsoft Purview Message Encryption

Understand Message Encryption
Plan for Microsoft Purview Message Encryption
Configure Microsoft Purview Message Encryption
Customise Encrypted Email Branding with Microsoft Purview
Control Encrypted Email Access with Advanced Message Encryption
Use Microsoft Purview Message Encryption Templates in Mail Flow Rules

Module 10: Prevent Data Loss with Microsoft Purview

Data Loss Prevention Overview
Plan and Design DLP Policies
Understand DLP Policy Deployment and Simulation Mode
Create and Manage DLP Policies
Integrate Adaptive Protection with DLP
Use DLP Analytics (preview) to Identify Data Risks
Understand DLP Alerts and Activity Tracking

Module 11: Implement Endpoint Data Loss Prevention (DLP) with Microsoft Purview

Endpoint Data Loss Prevention (DLP) Overview
Understand the Endpoint DLP Implementation Workflow
Onboard Devices for Endpoint DLP
Configure Settings for Endpoint DLP
Create and Manage Endpoint DLP Policies
Deploy the Microsoft Purview Browser Extension
Configure Just-In-Time (JIT) Protection

Module 12: Configure DLP Policies for Microsoft Defender for Cloud Apps and Power Platform

Configure Data Loss Prevention Policies for Power Platform
Integrate Data Loss Prevention in Microsoft Defender for Cloud Apps
Configure Policies in Microsoft Defender for Cloud Apps
Manage Data Loss Prevention Violations in Microsoft Defender for Cloud Apps

Module 13: Investigate and respond to Microsoft Purview Data Loss Prevention alerts

Understand Data Loss Prevention (DLP) Alerts
Understand the DLP alert lifecycle
Configure DLP Policies to Generate Alerts
Investigate DLP Alerts in Microsoft Purview
Investigate DLP Alerts in Microsoft Defender XDR
Investigate DLP Alerts with Security Copilot and AI Agents
Respond to DLP Alerts
Exercise - Investigate a DLP Alert and Related Incident

Module 14: Understand Microsoft Purview Insider Risk Management

What is an Insider Risk?
Microsoft Purview Insider Risk Management Overview
Microsoft Purview Insider Risk Management Features
Case study: Protect Sensitive Data with Insider Risk Management

Module 15: Prepare for Microsoft Purview Insider Risk Management

Plan for Insider Risk Management
Prepare your Organisation for Insider Risk Management
Configure Settings for Insider Risk Management
Integrate Insider Risk Management with Data Sources and Tools

Module 16: Create and Manage Insider Risk Management Policies

Understand Insider Risk Management Policy Templates
Compare Quick and Custom Insider Risk Policies
Create a Custom Insider Risk Management Policy
Manage Policies in Insider Risk Management

Module 17: Investigate Insider Risk Alerts and Related Activity

Understand Insider Risk Alerts and Investigations
Manage Alert Volume in Insider Risk Management
Investigate and Triage Insider Risk Alerts in Microsoft Purview
Investigate Insider Risk Alerts with Security Copilot and AI Agents
Analyse Alert Context with the All Risk Factors Tab
Investigate Activity Details with the Activity Explorer Tab
Review Patterns over time with the User Activity Tab
Investigate Insider Risk Alerts in Microsoft Defender XDR
Manage and Take Action on Insider Risk Cases
Exercise - Investigate Potential Data Theft using Insider Risk Management

Module 18: Implement Adaptive Protection in Insider Risk Management

Adaptive Protection Overview
Understand and Configure Risk Levels in Adaptive Protection
Configure Adaptive Protection
Manage Adaptive Protection

Module 19: Understand How to Secure AI Data with Microsoft Purview

Understand AI Data Security Risks
Understand How Microsoft Purview secures AI data
Evaluate Compliance Risks for AI Usage
Identify AI-Related Data Exposure Risks
Understand how Microsoft Purview Controls AI Data Access
Detect and Respond to Risky AI Activity
Retain and Search Copilot Prompts and Responses

Module 20: Secure Microsoft 365 Copilot Interactions with Microsoft Purview

Understand how Microsoft 365 Copilot Changes Data Protection Needs
Assess Copilot Regulatory Compliance with Compliance Manager
Audit Copilot Interactions with Microsoft Purview
Analyse Copilot Interactions with Communication Compliance
Classify and Protect Copilot Content with Sensitivity Labels
Apply DLP Policies to Microsoft 365 Copilot
Apply retention Policies to Copilot Prompts and Responses
Investigate and Delete Copilot Activity with eDiscovery

Module 21: Secure Enterprise and Browser-Based AI Apps with Microsoft Purview

Understand Risks from Enterprise and Non-Microsoft AI Tools
Assess AI Usage for Security and Compliance
Identify Policy Violations with Communication Compliance
Detect Risky AI Usage with Insider Risk Management
Protect Sensitive Data in AI Apps with Microsoft Purview DLP
Case Study: Use Adaptive Protection to Respond to AI-related risk
Apply Retention Policies to AI app Prompts and Responses

Module 22: Secure Developer AI Environments with Microsoft Purview

Understand Risks and Responsibilities in AI Development Environments
Discover and Assess AI apps with DSPM for AI
Classify, Restrict, and Retain AI Prompt Data
Enforce Protections in Azure AI Services and Azure AI Foundry
Apply Controls for Microsoft Entra-Registered Custom AI Apps
Secure AI Agents built in Copilot Studio
Manage Data Risks in Copilot in Fabric
Investigate and Respond to Risky AI Activity

Module 23: Understand Retention in Microsoft Purview

Overview of Retention and the Data Lifecycle
Understand Retention Labels and Retention Policies
Decide When to Apply Retention

Module 24: Implement and manage Microsoft 365 retention and recovery

Plan for Retention and Disposition with Retention Labels
Create and Publish Retention Labels
Create and Manage Auto-Apply Retention Labels
Create and Configure Adaptive Scopes
Create and Configure Retention Policies
Understand Policy and Label Precedence in Microsoft Purview
Recover Content in Microsoft 365 Workloads

Module 25: Search and Investigate with Microsoft Purview Audit

Microsoft Purview Audit overview
Configure and Manage Microsoft Purview Audit
Conduct Searches with Audit (Standard)
Audit Microsoft Copilot for Microsoft 365 interactions
Investigate Activities with Audit (Premium)
Export Audit Log Data
Configure Audit Retention with Audit (Premium)

Module 26: Search for Content with Microsoft Purview eDiscovery

Understand eDiscovery and Content Search Capabilities
Prerequisites for Using eDiscovery in Microsoft Purview
Create an eDiscovery Search
Conduct an eDiscovery Search
Export eDiscovery Search Results

Explore Course Information

See dates & prices

Who Should Attend this Microsoft Information Security Administrator SC-401 Training?

This Microsoft Information Security Administrator SC-401 Training is ideal for professionals responsible for implementing and managing security controls across Microsoft-based environments. It is particularly beneficial for:

Information Security Administrator
Cloud Security Engineer
Microsoft 365 Security Administrator
Identity and Access Management (IAM) Specialist
Security Operations Centre (SOC) Analyst
Cybersecurity Engineer
Systems / Infrastructure Security Administrator

Prerequisites of Microsoft Information Security Administrator SC-401 Training

There are no formal prerequisites to attend this Microsoft Information Security Administrator SC-401 Training.

Microsoft Information Security Administrator SC-401 Course Overview

Microsoft Information Security Administrator SC-401 Training is a specialised programme designed to develop the skills required to implement, manage, and monitor an organisation’s security posture across Microsoft-based environments. Its importance lies in helping organisations strengthen resilience against evolving cyber threats and ensure robust protection of identities, data, and infrastructure. For organisations, this training enhances security governance, compliance alignment, and operational risk reduction. For individuals, it builds strong technical competence in identity security, data protection, and threat response. From a career perspective, this training significantly boosts employability by validating advanced expertise in one of the most in-demand cybersecurity roles today.

In this training, delegates will learn how to design and implement security controls, manage identity and access protection, configure data loss prevention policies, and apply governance frameworks across cloud and hybrid environments. They will explore Microsoft security features, analyse threats, manage compliance requirements, and understand how to operationalise enterprise-level security strategies. The course also equips learners with the ability to evaluate risk, respond to incidents effectively, and maintain a secure organisational environment aligned with modern cybersecurity practices.

Microsoft Information Security Administrator SC-401 Course Objectives

To develop strong competence in Microsoft security administration principles
To configure identity protection systems for secure access management
To apply governance frameworks supporting compliance and security alignment
To monitor security operations through structured analytical techniques
To evaluate cyber risks using modern threat intelligence practices
To manage incident response activities with effective coordination strategies

After attending this training, delegates will be able to design and deploy security controls, manage identity governance, configure data protection mechanisms, and respond effectively to cybersecurity threats across Microsoft-based infrastructures. They will be capable of analysing organisational vulnerabilities, implementing compliance-driven safeguards, and supporting security teams in maintaining robust operational governance.

Explore Course Information

See dates & prices

What’s Included in this Information Security Administrator SC401 Training?

World-Class Training Sessions from Experienced Instructors
Information Security Administrator SC401 Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Microsoft Security Workshop: Implementing PowerShell Security Best Practices 40555A Training Course Outline

Module 1: PowerShell Fundamentals

Overview of Windows PowerShell
PowerShell Editions and Versions
Running PowerShell

Module 2: PowerShell Operational Security

Managing Local Script Execution
Managing Remote Execution Capabilities of Windows PowerShell
Managing Remote Execution Capabilities of PowerShell Core
Language Mode

Module 3: Implementing PowerShell-based Security

Windows PowerShell DSC
Just Enough Administration (JEA)
Windows PowerShell Auditing and Logging

Module 4: Windows PowerShell-based Exploits and their Mitigation

Windows PowerShell-Based Attacks
Windows PowerShell-Based Security Tools
Summary of Windows PowerShell Security-Related Technologies

Lab: Implementing Windows PowerShell Security

Implement Windows PowerShell Logging by Using DSC
Carry Out a Windows PowerShell-Based Exploit
Implement Just Enough Administration

Explore Course Information

See dates & prices

Who should attend this Implementing PowerShell Security Best Practices 40555A Training Course?

The Implementing PowerShell Security Best Practices 40555A Training is designed for IT professionals and security practitioners who work with PowerShell, Microsoft's scripting and automation framework. This course is particularly suitable for the following professionals:

Systems Administrators
Network Administrators
IT Security Professionals
PowerShell Scripters
DevOps Engineers
Windows Server Administrators
Cybersecurity Analysts

Prerequisites of the Implementing PowerShell Security Best Practices 40555A Training Course

There are no formal prerequisites for attending this Implementing PowerShell Security Best Practices 40555A Training. However, having prior knowledge and experience of Windows PowerShell commands would be beneficial for the delegates.

Microsoft Security Workshop: Implementing PowerShell Security Best Practices 40555A Training Course Overview

The Implementing PowerShell Security Best Practices 40555A Course focuses on Windows PowerShell, a versatile scripting language and command-line shell integral to the Microsoft ecosystem. Understanding PowerShell's fundamentals, architectural design, and interaction basics is highly relevant in today's IT landscape. This course serves as a fundamental building block for IT professionals and enthusiasts seeking a comprehensive understanding of PowerShell.

Professionals across various IT domains, including Technical Leaders, Dynamics CRM Developers, Data Engineers, and anyone working with Microsoft technologies, should aim to master PowerShell. PowerShell plays a pivotal role in automating tasks, managing systems, and optimising operations. Knowledge of its best practices is crucial for efficiency, security, and career growth.

The 1-day training course by the Knowledge Academy is designed to provide delegates with an overview of Windows PowerShell-based security technologies. During this course, delegates will gain insights into managing remote execution of PowerShell core and learn to control the remote execution capabilities of Windows PowerShell. This training equips professionals with practical skills to enhance their PowerShell proficiency.

Course Objectives

To comprehend the architectural design of Windows PowerShell
To master the basics of interacting with PowerShell
To understand PowerShell's editions and versions
To explore security-related technologies within PowerShell
To learn to manage remote execution of PowerShell core
To control the remote execution capabilities of Windows PowerShell

Upon completion of the Implementing PowerShell Security Best Practices 40555A Course, delegates will possess a strong foundation in PowerShell fundamentals and best practices. This knowledge will empower them to automate tasks, manage systems more efficiently, and ensure the security of their PowerShell environment. It opens doors to enhanced career prospects and greater proficiency in working with Microsoft technologies.

Explore Course Information

See dates & prices

What's Included in this Implementing PowerShell Security Best Practices 40555A Training Course?

World-Class Training Sessions from Experienced Instructors
Implementing PowerShell Security Best Practices 40555A Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) Training Course Outline

Module 1: Plan and Implement Entitlement Management

Define Access Packages
Exercise Create and Manage A Resource Catalogue With Microsoft Entra Entitlement Management
Configure Entitlement Management
Exercise Add Terms of Use Acceptance Report
Exercise Manage the Lifecycle of External Users with Microsoft Entra Identity Governance
Configure and Manage Connected Organisations
Review Per-User Entitlements

Module 2: Plan, Implement, and Manage Access Review

Plan for Access Reviews
Create Access Reviews for Groups and Apps
Create and Configure Access Review Programs
Monitor Access Review Findings
Automate Access Review Management Tasks
Configure Recurring Access Reviews

Module 3: Monitor and Maintain Microsoft Entra ID

Analyse and Investigate Sign-In Logs to Troubleshoot Access Issues
Review and Monitor Microsoft Entra Audit Logs
Exercise Connect Data from Microsoft Entra ID to Microsoft Sentinel
Export Logs to Third-Party Security Information and Event Management System
Analyse Microsoft Entra Workbooks and Reporting
Monitor Security Posture with Identity Secure Score

Module 4: Plan and Implement Privileged Access

Define a Privileged Access Strategy for Administrative Users
Configure Privileged Identity Management for Azure Resources
Exercise Configure Privileged Identity Management for Microsoft Entra Roles
Exercise Assign Microsoft Entra Roles in Privileged Identity Management
Exercise Assign Azure Resource Roles in Privileged Identity Management
Plan and Configure Privileged Access Groups
Analyse Privileged Identity Management Audit History and Reports
Create and Manage Emergency Access Accounts

Module 5: Explore the Many Features of Microsoft Entra Permissions Management

A Comprehensive Experience for All Cloud Environments
Get High Level Insights in the Permissions Management Dashboard
Dive Deeper with the Analytics Tab
Develop a Better Understanding of Your Environment with Reports
Analyse Historical Data with the Audit Tab
Act on Your Findings with the Permissions Management Remediation Tab
Take a More Proactive Approach to Managing with Continuous Monitoring
Manage Access to Microsoft Entra Permissions Management

Explore Course Information

See dates & prices

Who Should Attend this Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) Course?

This Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) Course is designed for anyone who wants to specialise in entitlement management and governance within cloud and hybrid environments. However, this training will be beneficial for:

Identity and Access Management (IAM) Specialists
IT Security Administrators
Compliance Managers
Cloud Security Engineers
Systems Administrators
IT Governance Officers
Risk Management Specialists

Prerequisites of the Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) Course

There are no formal prerequisites for attending this Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) Course.

Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) Training Course Overview

Configure and Govern Entitlement with Microsoft Entra ID (SC-5008) is a specialised training course designed to empower IT professionals with the skills to manage and govern entitlements using Microsoft Entra ID. The course highlights the importance of robust entitlement management for enhancing security and compliance across organisational IT environments. For organisations, mastering Microsoft Entra ID offers strategic advantages by ensuring precise control over access and permissions, which minimises security risks and enhances regulatory compliance. For individuals, the training enhances expertise in identity and access management, a critical component in today's IT security landscape. Career-wise, participants will gain skills that elevate their professional capabilities, making them key players in roles such as IT security, compliance management, and systems administration.

In this course, delegates will gain a comprehensive understanding of Microsoft Entra ID, focusing on planning, implementing, and managing entitlements. They will learn how to create and manage access packages, configure entitlement management settings, and utilise advanced features like adaptive scopes and event-based retention. The training will cover practical applications for setting up and managing access reviews, as well as techniques for monitoring and maintaining the security posture through Microsoft Entra ID. This training will be conducted by our highly professional and skilled trainer, who has years of experience in teaching.

Course Objectives

To create and manage comprehensive access packages using Microsoft Entra ID
To configure entitlement management settings for optimal security and compliance
To implement adaptive scopes and manage the lifecycle of external users
To conduct access reviews and configure recurring review processes
To monitor and analyse sign-in and audit logs for security insights
To configure and manage privileged access and emergency accounts effectively

After attending this training, delegates will be able to confidently configure and manage entitlements using Microsoft Entra ID. They will be equipped to establish robust access packages, effectively manage and review access permissions, and monitor compliance with organisational policies. Delegates will also have the skills to analyse security data for insights, respond to compliance alerts, and maintain high standards of data governance.

Explore Course Information

See dates & prices

What’s included in this Configure and Govern Entitlement with Microsoft Entra ID SC5008 Course?

World-Class Training Sessions from Experienced Instructors
Configure and Govern Entitlement with Microsoft Entra ID SC5008 Course Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Configure SIEM Security Operations using Microsoft Sentinel (SC-5001) Course Outline

Module 1: Create and Manage Microsoft Sentinel Workspaces

Plan for the Microsoft Sentinel workspace
Create a Microsoft Sentinel workspace
Manage Workspaces Across Tenants using Azure Lighthouse
Understand Microsoft Sentinel Permissions and Roles
Manage Microsoft Sentinel Settings
Configure Logs

Module 2: Connect Microsoft services to Microsoft Sentinel

Plan for Microsoft Services Connectors
Connect the Microsoft Office 365 Connector
Connect the Microsoft Entra Connector
Connect the Microsoft Entra ID Protection Connector
Connect the Azure Activity Connector

Module 3: Connect Windows Hosts to Microsoft Sentinel

Plan for Windows Hosts Security Events Connector
Connect Using the Windows Security Events Via AMA Connector
Connect Using the Security Events Via Legacy Agent Connector
Collect Sysmon Event Logs

Module 4: Threat Detection with Microsoft Sentinel Analytics

Exercise - Detect Threats with Microsoft Sentinel Analytics
What is Microsoft Sentinel Analytics?
Types of Analytics Rules
Create an Analytics Rule from Templates
Create an Analytics Rule from Wizard
Manage Analytics Rules
Exercise - Detect Threats with Microsoft Sentinel Analytics

Module 5: Automation in Microsoft Sentinel

Understand Automation Options
Create Automation Rules

Module 6: Configure SIEM Security Operations using Microsoft Sentinel

Exercise - Configure SIEM Operations using Microsoft Sentinel
Exercise - Install Microsoft Sentinel Content Hub Solutions and Data Connectors
Exercise - Configure a Data Connector Data Collection Rule
Exercise - Perform a Simulated Attack to Validate the Analytic and Automation Rules

Explore Course Information

See dates & prices

Who Should Attend this Configure SIEM Security Operations using Microsoft Sentinel (SC-5001)?

This Configure SIEM Security Operations using Microsoft Sentinel (SC-5001) Course is designed for anyone who wants to effectively set up and utilise Microsoft Sentinel for Security Information and Event Management (SIEM). However, this training will be beneficial for:

Cybersecurity Analysts
Security Operations Centre (SOC) Analysts
IT Security Engineers
SIEM Administrators
Threat Intelligence Analysts
Network Security Managers
Compliance and Audit Officers

Prerequisites of the Configure SIEM Security Operations using Microsoft Sentinel (SC-5001) Course

There are no formal prerequisites for attending this Configure SIEM Security Operations using Microsoft Sentinel (SC-5001) Course.

Configure SIEM Security Operations using Microsoft Sentinel (SC-5001) Course Overview

Configure SIEM Security Operations using Microsoft Sentinel (SC-5001) is a focused training course that teaches how to set up and manage Security Information and Event Management (SIEM) operations using Microsoft Sentinel. The importance of this course stems from the growing need to safeguard digital infrastructures and data effectively against increasing cybersecurity threats. For organisations, the training enables the setup of a robust SIEM system that enhances threat detection and response capabilities, crucial for maintaining security and compliance. For individuals, it provides deep insights into cloud-based security operations, enhancing skill sets in a critical area of IT security. Career-wise, the course prepares participants for advanced roles in cybersecurity, such as SIEM administrators, security analysts, or security consultants, where expertise in cutting-edge security technologies is highly valued.

In this course, delegates will learn how to effectively configure and manage Microsoft Sentinel as a SIEM system. They will start by setting up Sentinel workspaces, understanding and managing permissions, and configuring data collection across multiple platforms and services. Delegates will also learn to connect and monitor various data sources, including Microsoft services and third-party applications. This training will be conducted by our highly professional and skilled trainer, who has years of experience in teaching.

Course Objectives

To deploy Microsoft Sentinel workspaces optimised for organisational needs
To integrate and manage data connectors from Microsoft services and third parties
To create advanced analytics rules to detect security threats effectively
To implement automation for efficient security incident response
To configure and manage permissions, roles, and settings within Microsoft Sentinel
To practice and refine security configurations with real-world simulations

After attending this training course, delegates will be able to effectively configure and utilise Microsoft Sentinel as a powerful SIEM tool within their organisations. They will be capable of integrating a variety of data sources, designing sophisticated analytics to monitor security threats, and implementing automated workflows to respond to incidents rapidly.

Explore Course Information

See dates & prices

What’s included in this Configure SIEM Security Operations using Microsoft Sentinel SC5001 Course?

World-Class Training Sessions from Experienced Instructors
Configure SIEM Security Operations using Microsoft Sentinel SC5001 Course Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003) Course Outline

Module 1: Create and Manage Sensitive Information Types

Sensitive Information Type Overview
Compare Built-In Vs Custom Sensitive Information Types
Create and Manage Custom Sensitive Information Types
Create and Manage Exact Data Match Sensitive Info Types
Implement Document Fingerprinting
Create A Keyword Dictionary

Module 2: Create and Configure Sensitivity Labels with Microsoft Purview

Sensitivity Label Overview
Create and Configure Sensitivity Labels and Label Policies
Configure Encryption with Sensitivity Labels
Implement Auto-Labeling Policies
Use the Data Classification Dashboard to Monitor Sensitivity Labels

Module 3: Prevent Data Loss in Microsoft Purview

Data Loss Prevention Overview
Identify Content to Protect
Identify Sensitive Data with Optical Character Recognition (Preview)
Define Policy Settings for Your DLP Policy
Test and Create Your DLP Policy
Prepare Endpoint DLP
Manage DLP Alerts in the Microsoft Purview Compliance Portal
View Data Loss Prevention Reports
Implement the Microsoft Purview Extension

Module 4: Implement Information Protection and Data Loss Prevention with Microsoft Purview

Exercise - Create a Sensitive Info Type
Exercise - Create and Publish a Sensitivity Label
Exercise - Create and Assign an Auto-Labeling Policy
Exercise - Create a Data Loss Prevention (DLP) Policy

Explore Course Information

See dates & prices

Who Should Attend this Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003)?

This Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003) Course is designed for anyone who wants to enhance their skills in managing enterprise-level information protection and data loss prevention solutions. However, this training will be beneficial for:

Data Protection Officers
Compliance Managers
Cybersecurity Analysts
IT Security Managers
Risk Management Specialists
Information Governance Officers
Privacy Consultants

Prerequisites of the Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003)

There are no formal prerequisites for attending this Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003) Course.

Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003) Course Overview

Implement Information Protection and Data Loss Prevention by Using Microsoft Purview (SC-5003) is a focused training course designed to equip IT professionals with the capabilities to set up and manage Microsoft Purview for data protection and loss prevention. This training is essential as it enables organisations to safeguard sensitive information effectively and comply with various regulatory requirements. For organisations, the training provides strategic benefits by enhancing data security frameworks and minimising the risks associated with data breaches. For individuals, it deepens understanding and expertise in one of the most critical areas of IT security, making them indispensable to their current and future roles. The career benefits for participants include advancing their qualifications for high-demand roles in cybersecurity, compliance, and data governance.

In this course, delegates will learn how to effectively use Microsoft Purview to implement robust information protection and data loss prevention strategies within their organisations. The training covers a comprehensive overview of Microsoft Purview, including the creation and management of sensitive information types, configuration of sensitivity labels, and the establishment of data loss prevention policies. This training will be conducted by our highly professional and skilled trainer, who has years of experience in teaching.

Course Objectives

To understand the core features and capabilities of Microsoft Purview
To create and manage sensitive information types within Microsoft Purview
To configure and apply sensitivity labels and label policies across data
To implement and manage data loss prevention policies effectively
To utilise advanced tools such as document fingerprinting and OCR in data protection
To monitor and analyse the effectiveness of implemented security measures

After attending this training, delegates will be equipped to effectively implement and manage Microsoft Purview within their organisations. They will have the skills to ensure that sensitive information is identified, classified, and protected according to best practices and regulatory standards. Delegates will be capable of configuring detailed data loss prevention strategies that are tailored to the specific needs of their organisations, significantly reducing the risk of data breaches.a

Explore Course Information

See dates & prices

What’s included in this Implement Information Protection and Data Loss Prevention by Using Microsoft Purview SC5003 Course?

World-Class Training Sessions from Experienced Instructors
Implement Information Protection and Data Loss Prevention by Using Microsoft Purview SC5003 Course Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007) Course Outline

Module 1: Implement and Manage Retention with Microsoft Purview

Overview of Retention with Microsoft Purview
Create and Configure Retention Policies
Create and Configure Adaptive Scopes
Create and Publish Retention Labels
Apply Retention Labels Across Microsoft 365 Services
Configure Event-Based Retention
Create and Manage Auto-Apply Retention Labels
Declare Records by Using Retention Labels
Conduct Disposition Reviews

Module 2: Manage Microsoft Purview eDiscovery (Premium)

Explore Microsoft Purview eDiscovery (Premium)
Implement Microsoft Purview eDiscovery (Premium)
Create and Manage an eDiscovery (Premium) Case
Manage Custodians and Non-Custodial Data Sources
Collect Content for a Case
Review and Manage Case Content
Analyze Case Content

Module 3: Prepare Microsoft Purview Communication Compliance

Introduction to Communication Compliance
Plan for Communication Compliance
Identify and Resolve Communication Compliance Workflow
Introduction to Communication Compliance Policies
Communication Compliance with Copilot For Microsoft 365
Knowledge Check
Case Study--Configure an Offensive Language Policy
Investigate and Remediate Communication Compliance Alerts

Module 4: Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview

Exercise - Create Retention Policies
Exercise - Create and Publish Retention Labels
Exercise - Conduct an eDiscovery Search
Exercise - Create a Communication Compliance Policy

Explore Course Information

See dates & prices

Who Should Attend this Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007)?

This Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007) Course is designed for anyone who wants to enhance their expertise in managing data governance frameworks effectively within their organisations. However, this training will be beneficial for:

Compliance Officers
Data Protection Officers
Legal Counsel Executives
IT Security Managers
Records Managers
Risk Management Specialists
Corporate Governance Officers

Prerequisites of the Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007) Course

There are no formal prerequisites for attending this Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007).

Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007) Course Overview

Implement Retention, eDiscovery, and Communication Compliance in Microsoft Purview (SC-5007) is a specialised training course tailored for IT professionals. It focuses on using Microsoft Purview to manage data governance effectively within organisations. This essential training equips participants with the tools and knowledge necessary to comply with legal and regulatory frameworks, thus protecting against data breaches and litigation. By mastering these functionalities, organisations can maintain data integrity, ensure compliance, and optimise information lifecycle management. For individuals, the course boosts capabilities in handling sensitive data and complex compliance requirements, enhancing career prospects in data protection, compliance, and information security roles.

In this training course, delegates with a deep dive into Microsoft Purview's capabilities for implementing retention policies, conducting eDiscovery, and enforcing communication compliance. They will learn how to create and manage retention labels and policies, configure and execute eDiscovery searches, and set up communication compliance solutions to monitor and regulate corporate communication. The training includes hands-on exercises that mimic real-world scenarios—such as setting up retention for different types of information. This training will be conducted by our highly professional and skilled trainer, who has years of experience in teaching.

Course Objectives

To create and manage comprehensive retention policies within Microsoft Purview
To understand and implement eDiscovery procedures for legal compliance
To configure and manage communication compliance across Microsoft 365
To apply retention labels and policies across diverse data sets
To conduct thorough disposition reviews and manage data lifecycle
To effectively manage and respond to compliance alerts and investigations

After attending this training, delegates will be equipped to effectively set up, manage, and utilise Microsoft Purview for retention, eDiscovery, and communication compliance. They will be capable of creating and enforcing data retention policies, conducting eDiscovery searches, and handling complex compliance requirements with confidence.

Explore Course Information

See dates & prices

What’s included in this Implement Retention eDiscovery and Communication Compliance in Microsoft Purview SC5007 Course?

World-Class Training Sessions from Experienced Instructors
Implement Retention eDiscovery and Communication Compliance in Microsoft Purview SC5007 Course Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security (MD-4011) Training Course Outline

Module 1: Discover Microsoft Intune Essentials

Introduction
Explore Core Features of Microsoft Intune
Understand Device Management Capabilities
Effectively Secure and Manage Applications
Integrate Security and Compliance
Optimise Deployment Strategies with Intune
Unify Management Across Platforms with Microsoft Intune

Module 2: Unlock Insights with Microsoft Copilot for Security

Introduction
Discover Microsoft Copilot for Security
Understand How Microsoft Copilot for Security Works
Explore Microsoft Copilot for Security Experiences
Deploy Microsoft Copilot for Security for Enhanced Security
Utilise Prompts in Microsoft Copilot for Security
Incorporate Promptbooks in Microsoft Copilot for Security
Explore New Features in Microsoft Copilot for Security

Module 3: Optimise Microsoft Intune for Microsoft Copilot for Security Integration

Introduction
Understand the Benefits of Microsoft Copilot for Security and Intune
Implement Strong Naming Conventions
Rename a Device in Microsoft Intune
Add Groups in Microsoft Intune to Organise Users and Devices
Understand Authentication in Microsoft Copilot for Security
Integrate Microsoft Copilot for Security with Microsoft Intune
Leverage Prompting Features in Microsoft Copilot for Security
Sample Prompts for Microsoft Intune

Explore Course Information

See dates & prices

Who should attend this Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD-4011 Training Course?

The Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD-4011 Training Course is ideal for individuals looking to strengthen their expertise in endpoint management and security using Microsoft's advanced tools. This training is particularly beneficial for:

IT Security Professionals
System Administrators
Cybersecurity Analysts
IT Managers and Directors
Security Engineers
Network Architects
IT Auditors

Prerequisites of the Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD-4011 Training Course

There are no formal prerequisites for attending this Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD-4011 Training Course.

Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security (MD-4011) Training Course Overview

Endpoint Security with Microsoft Intune and Microsoft Copilot for Security is an advanced approach to managing and securing devices across an organisation using Microsoft's comprehensive tools. The importance of this approach lies in its ability to streamline security protocols and device management, enhancing protection against evolving cybersecurity threats. For organisations, this training provides essential strategies to optimise device management and security operations, reducing vulnerabilities and improving compliance. Individuals gain a robust understanding of both Intune and Copilot for Security, enhancing their skills in deploying, managing, and securing endpoints effectively. For delegates, this course offers valuable career advancement opportunities by developing expertise in high-demand areas of cybersecurity and device management, preparing them for leadership roles in IT security.

In the Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD-4011 course, delegates will learn how to effectively utilise Microsoft Intune and Microsoft Copilot for Security to manage and secure endpoints within their organisation. The training covers the essentials of Microsoft Intune, insights on leveraging Microsoft Copilot for Security, and the synergies between these two powerful tools for optimal endpoint management and security.

Course Objectives

To explore core features of Microsoft Intune
To understand the operational mechanisms of Microsoft Copilot for Security
To integrate Microsoft Copilot for Security with Microsoft Intune
To manage device security and compliance effectively
To utilise advanced prompting features in Microsoft Copilot for Security
To implement best practices for endpoint security enhancements

After attending this training, delegates will be capable of deploying Microsoft Intune and Microsoft Copilot for Security to enhance the security and management of devices across their network. They will understand how to utilise the specific features of both tools to monitor, manage, and secure endpoints, ensuring compliance with organisational policies and security requirements.

Explore Course Information

See dates & prices

What’s included in this Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD4011 Training Course?

World-Class Training Sessions from Experienced Instructors
Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security MD4011 Training Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Get started with Microsoft Copilot for Security (SC-5006) Training Course Outline

Module 1: Fundamentals of Generative AI

Introduction
What is Generative AI?
What Are Language Models?
Using Language Models
What Are Copilots?
Microsoft Copilot
Considerations for Copilot Prompts
Extending and Developing Copilots
Exercise - Explore Microsoft Copilot

Module 2: Describe Microsoft Copilot for Security

Introduction
Get Acquainted with Microsoft Copilot for Security
Describe Microsoft Copilot for Security Terminology
Describe How Microsoft Copilot for Security Processes Prompt Requests
Describe the Elements of an Effective Prompt
Describe How to Enable Microsoft Copilot for Security

Module 3: Describe the Core Features of Microsoft Copilot for Security

Introduction
Describe the Features Available in the Standalone Experience of Microsoft Copilot for Security
Describe the Features Available in a Session of the Standalone Experience
Describe the Microsoft Plugins Available in Microsoft Copilot for Security
Describe the Non-Microsoft Plugins Supported by Microsoft Copilot for Security
Describe Custom Promptbooks
Describe Knowledge Base Connections

Module 4: Describe the Embedded Experiences of Microsoft Copilot for Security

Introduction
Describe Microsoft Copilot in Microsoft Defender XDR
Microsoft Copilot in Microsoft Purview
Microsoft Copilot in Microsoft Entra
Microsoft Copilot in Microsoft Intune
Microsoft Copilot in Microsoft Defender for Cloud (Preview)

Module 5: Explore Use Cases of Microsoft Copilot for Security

Introduction
Explore the First Run Experience
Explore the Standalone Experience
Configure the Microsoft Sentinel Plugin
Enable a Custom Plugin
Explore File Uploads as a Knowledge Base
Create a Custom Promptbook
Explore the Capabilities of Copilot in Microsoft Defender XDR
Explore the Capabilities of Copilot in Microsoft Purview

Explore Course Information

See dates & prices

Who should attend this Get started with Microsoft Copilot for Security (SC-5006) Training Course?

The Get Started with Microsoft Copilot for Security (SC-5006) Training Course is ideal for individuals aiming to harness the power of generative AI in cybersecurity applications. It is particularly beneficial for:

IT Security Professionals
System Administrators
Cybersecurity Analysts
IT Managers and Directors
Security Engineers
Network Architects
IT Auditors

Prerequisites of the Get started with Microsoft Copilot for Security (SC-5006) Training Course

There are no formal prerequisites for attending this Get started with Microsoft Copilot for Security (SC-5006) Training Course.

Get started with Microsoft Copilot for Security (SC-5006) Training Course Overview

Microsoft Copilot for Security is an innovative tool that leverages generative AI to enhance cybersecurity measures across various Microsoft platforms. Its importance lies in its ability to intelligently process and respond to security prompts, thereby augmenting security operations with advanced AI capabilities. For delegates, mastering Microsoft Copilot for Security opens up career advancement opportunities, positioning them as leaders in the cybersecurity field and making them highly valuable assets in an AI-driven corporate world.

In the Get Started with Microsoft Copilot for Security (SC-5006) course, delegates will gain comprehensive insights into the integration of generative AI with cybersecurity practices through Microsoft Copilot for Security. The training covers the basics of generative AI, detailed functionalities of Microsoft Copilot for Security, and its application within various Microsoft security tools, enabling a deeper understanding of AI's role in enhancing security measures.

Course Objectives

To understand generative AI and language model basics
To explore Microsoft Copilot for Security's functionalities
To learn how to customise and extend Copilot capabilities
To apply Copilot in Microsoft Defender and other tools
To develop effective prompts for optimised security responses
To manage and integrate various plugins and extensions

After attending this training, delegates will be equipped to effectively implement and manage Microsoft Copilot for Security across various platforms. They will be proficient in customising the tool to fit their organisation's unique security needs, configuring and utilising plugins, and creating effective prompt strategies.

Explore Course Information

See dates & prices

What’s included in this Get started with Microsoft Copilot for Security SC5006 Training Course?

World-Class Training Sessions from Experienced Instructors
Get started with Microsoft Copilot for Security SC5006 Training Course Certificate
Digital Delegate Pack

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

accredited by

Our Microsoft training course is accredited by Microsoft

Duration

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Defend Against Cyberthreats with Microsoft Defender XDR SC-5004 Training Outline

Module 1: Mitigate Incidents using Microsoft Defender

Use the Microsoft Defender Portal
Manage Incidents
Investigate Incidents
Manage and Investigate Alerts
Manage Automated Investigations
Use the Action Centre
Explore Advanced Hunting
Investigate Microsoft Entra sign-in Logs
Understand Microsoft Secure Score
Analyse Threat Analytics
Analyse Reports
Configure the Microsoft Defender Portal

Module 2: Deploy the Microsoft Defender for Endpoint Environment

Create your Environment
Understand Operating Systems Compatibility and Features
Onboard Devices
Manage Access
Create and Manage Roles for Role-Based Access Control
Configure Device Groups
Configure Environment Advanced Features

Module 3: Configure for Alerts and Detections in Microsoft Defender for Endpoint

Configure Advanced Features
Configure Alert Notifications
Manage Alert Suppression
Manage Indicators

Module 4: Configure and Manage Automation using Microsoft Defender for Endpoint

Configure Advanced Features
Manage Automation Upload and Folder Settings
Configure Automated Investigation and Remediation Capabilities
Block at Risk Devices

Module 5: Perform Device Investigations in Microsoft Defender for Endpoint

Use the Device Inventory List
Investigate the Device
Use Behavioural Blocking
Detect Devices with Device Discovery

Module 6: Defend Against Cyberthreats with Microsoft Defender XDR Lab Exercises

Configure the Microsoft Defender XDR Environment
Deploy Microsoft Defender for Endpoint
Mitigate Attacks with Microsoft Defender for Endpoint

Explore Course Information

See dates & prices

Who Should Attend this Defend Against Cyberthreats with Microsoft Defender XDR SC-5004 Training

This Microsoft Defender XDR Training is designed for professionals responsible for detecting, investigating, and responding to cybersecurity threats. It equips learners with hands‑on skills to work with Microsoft Defender XDR, Defender for Endpoint, and KQL-based threat hunting. This course is particularly valuable for the following roles:

Security Operations Analysts
Security Engineers
Incident Responders
Cybersecurity Analysts
IT Professionals involved in security operations
Threat Hunters
SOC Team Members
Professionals familiar with Microsoft Defender

Prerequisites of the Defend Against Cyberthreats with Microsoft Defender XDR SC-5004 Training

Delegates should have hands‑on experience using Microsoft security tools to investigate incidents and analyse threats. They are expected to be familiar with Microsoft Defender for Endpoint and the Microsoft Defender portal, as well as comfortable using Kusto Query Language (KQL) for querying and analysing security data.

Defend Against Cyberthreats with Microsoft Defender XDR SC-5004 Training Overview

The Microsoft Defender XDR SC 5004 Course equips delegates to detect, investigate, and respond to cyberthreats using Microsoft Defender XDR. It covers incident mitigation, endpoint investigations, alert configuration, automation, and advanced threat hunting with KQL.

This training helps delegates build practical threat‑response skills and strengthen organisational resilience. Delegates learn to analyse security signals, manage incidents effectively, and apply investigation techniques to support rapid threat containment.

This 1‑Day Microsoft Defender XDR Course offered by The Knowledge Academy enables delegates to apply incident response principles with confidence. Through hands‑on activities, they gain the capability to configure Defender XDR and perform real‑world threat investigations across devices and services.

Defend Against Cyberthreats with Microsoft Defender XDR SC-5004 Training Objectives

To configure and manage Defender XDR for effective threat detection
To investigate alerts and incidents using Defender for Endpoint tools
To perform device investigations and review forensic data for response
To apply automated investigation and response settings to streamline operations
To use Advanced Hunting with KQL to identify unique threats
To correlate signals across Defender services for stronger threat mitigation

Upon completing this course, delegates will sharpen their investigative skills and adopt a structured response approach that enables them to help organisations detect and mitigate cyberthreats using Microsoft Defender XDR. They will be equipped to manage incidents, perform threat hunting, and enhance overall security operations.

Explore Course Information

See dates & prices

What’s Included in this Defend Against Cyberthreats with Microsoft Defender XDR SC-5004 Training?

World-Class Training Sessions from Experienced Instructors
Digital Delegate Pack
Interactive Learning with 24*7 Support

Explore Course Information

See dates & prices

Explore Course Information

See dates & prices

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on + 1-866 272 8822 or Enquire.

Microsoft Security Engineer Training FAQs

What is Microsoft Security Engineering?

Microsoft Security Engineering focuses on designing, implementing, and maintaining security solutions for Microsoft environments. It includes threat detection, identity protection, cloud security, and compliance management to safeguard enterprise systems, networks, and data against cyber threats.

What does a Microsoft Security Engineer do?

A Microsoft Security Engineer protects IT infrastructure by configuring security controls, monitoring threats, managing identity and access, securing cloud environments, and ensuring compliance with industry standards. They work with Microsoft security tools like Defender, Sentinel, and Azure Security Center.

What are the benefits of doing Microsoft Security Engineer Training Courses?

These courses enhance cybersecurity skills, improve threat detection capabilities, provide hands-on experience with Microsoft security tools, and increase employability. Certification demonstrates expertise in securing Microsoft environments, making professionals more competitive in cybersecurity roles.

Is this training beneficial for cybersecurity professionals?

Yes, this training is highly beneficial for cybersecurity professionals looking to specialise in Microsoft security solutions. It equips them with in-depth knowledge of securing Microsoft 365, Azure, and hybrid environments against cyber threats.

Who should register for Microsoft Security Engineer Training?

IT Security Professionals, System Administrators, Cloud Security Engineers, Network Security Specialists, and Cybersecurity Analysts should register. It is ideal for individuals managing Microsoft-based security infrastructure and seeking career growth in cybersecurity.

Are there any prerequisites for attending these Microsoft Security Engineer Training Courses?

The prerequisites for these Microsoft Security Engineer Courses are based on the course specifications and the target group of professionals it serves. Check the respective course page of the course that you are planning to take to know about its prerequisites.

How long does the Microsoft Security Engineer Certification typically take?

The duration of these Microsoft Security Engineer Certification courses varies. Please visit our course pages for specific information.

Do you offer 24/7 support for these Microsoft Security Engineer Training Courses?

Yes, The Knowledge Academy offers 24/7 support via phone & email before attending, during, and after the course. Our customer support team is available to assist and promptly resolve any issues you may encounter.

What are the roles and responsibilities of Microsoft Security Engineers?

Microsoft Security Engineers manage security operations, configure security tools, detect and mitigate threats, enforce compliance policies, handle identity and access management, and secure cloud environments, ensuring robust cybersecurity for enterprises using Microsoft technologies.

Are these Microsoft Security Engineer Courses accredited?

Yes, Microsoft Security Engineer courses are accredited by Microsoft. Certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals or Microsoft Certified: Security Operations Analyst Associate validate professional expertise in security engineering.

How to become a Microsoft Security Engineer?

To become a Microsoft Security Engineer, gain experience in IT security, complete Microsoft security training, earn relevant certifications like SC-200 (Security Operations Analyst) or SC-300 (Identity and Access Administrator), and develop hands-on expertise in Microsoft security tools.

What job opportunities are available after completing these Microsoft Security Engineer Courses?

Certified professionals can pursue roles such as Microsoft Security Engineer, Cybersecurity Analyst, Security Operations Analyst, Cloud Security Engineer, Identity and Access Administrator, and Threat Intelligence Analyst in enterprises, government agencies, and security firms.

Who should I contact if I am unable to access the course material?

If you are unable to access your training, contact the support team at The Knowledge Academy via their customer service email or phone number provided on their website for prompt assistance and resolution of your issue.

Why choose The Knowledge Academy in Panama over others?

The Knowledge Academy in Panama stands out as a prestigious training provider known for its extensive course offerings, expert instructors, adaptable learning formats, and industry recognition. It's a dependable option for those seeking this Microsoft Security Engineer Training.

What are the best Microsoft Security Engineer Training in Panama?

Please see our Microsoft Security Engineer Training available in Panama

Which is the best training institute/provider of Microsoft Security Engineer Training in Panama?

The Knowledge Academy is one of the Leading global training provider for Microsoft Security Engineer Training.

What is the cost/training fees for Microsoft Security Engineer Training in Panama

The training fees for Microsoft Security Engineer Training in Panama starts from $3195

Why we're the go to training provider for you

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

Trusted & Approved

Recognised by leading certification bodies, we deliver training you can trust.

Many delivery methods

Flexible delivery methods are available depending on your learning style.

High quality resources

Resources are included for a comprehensive learning experience.

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water