Threat Detection Solutions


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
Discover advanced threat detection solutions for your Windows computing systems. In this course, you will examine the protective tools and features offered by Microsoft. Topics include the following: how to configure and use local and advanced audit policies, how to configure group policies such as AuditPol.exe, and the Audit PNP activity policy; how to enable and configure module, script block, and transcription logging in Windows PowerShell. Other topics include how to configure AutoGateway and Microsoft Advanced Threat Analytics, as well as how to review and edit suspicious activities on the attack time line. Finally, you will explore how to deploy and use OMS for log analytics, auditing, and security functions.

Target Audience
IT professionals, Microsoft Server 2016 administrators, and MCSE candidates

Prerequisites
None

Expected Duration (hours)
1.2

Lesson Objectives

Threat Detection Solutions

  • start the course
  • configure advanced audit policies
  • determine the differences and usage scenarios for using local and advanced auditing policies
  • implement auditing using Group Policy and AuditPol.exe, and implement auditing using Windows PowerShell
  • create expression-based audit policies
  • configure the Audit PNP activity policy
  • enable and configure module, script block, and transcription logging in Windows PowerShell
  • recognize usage and deployment scenarios for Microsoft Advanced Threat Analytics (ATA)
  • install and configure Microsoft Advanced Threat Analytics (ATA) Center
  • install and configure an ATA gateway on a server
  • configure alerts in ATA Center when suspicious activity is detected
  • review and edit suspicious activities on the attack time line
  • describe the usage and deployment of Operations Management Suite (OMS) for security threat detection
  • describe Operations Management Suite (OMS) security and auditing functions and the use of log analytics in threat detection
  • describe threat detection solutions

    • Course Number:
    os_swns_a12_it_enus

    Expertise Level
    Intermediate