Describe threat protection with Microsoft Defender XDR Flashcards

1
Q

Describe Microsoft Defender XDR

A

Microsoft Defender XDR is an enterprise defense suite that protects against sophisticated cyberattacks. With Microsoft Defender XDR, you can natively coordinate the detection, prevention, investigation, and response to threats across endpoints, identities, email, and applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Describe Microsoft Defender for Office 365

A

Microsoft Defender for Office 365 is a seamless integration into your Office 365 subscription that protects against threats, like phishing and malware that arrive in email links, attachments, or collaboration tools like SharePoint, Teams, and Outlook.

It provides admins and security operation teams with a wide range of capabilities:
-Preset security policies:
-threat protection policies
-reports
-threat investigation and response capabilities
-automated investigation and response capabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Describe Microsoft Defender for Endpoint

A

Microsoft Defender for Endpoint is a platform designed to help enterprise networks protect endpoints including laptops, phones, tablets, PCs, access points, routers, and firewalls.

Microsoft Defender for Endpoint includes:
-Core Defender Vulnerability Management:
-Attack surface reduction.
-Next-generation protections
-Endpoint detection and response:
-Automated investigation and remediation (AIR)
-Microsoft Secure Score for Devices
-Microsoft Threat Experts
-Management and APIs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Describe Microsoft Defender for Cloud Apps

A

Microsoft Defender for Cloud Apps delivers full protection for SaaS applications, helpig you monitor and protect your cloud app data across the following feature areas:
-Saas Security Posture Management (SSPM): defender for cloud helps by recommending specific actions to strengthen posture.
-Advance threat protection:
-App-to-app protection with app governance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Describe Microsoft Defender for Identity

A

Microsoft Defender for Identity is a cloud-based security solution. It uses your on-premise Active Directory data to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Describe Microsoft Defender Vulnerability Management

A

Defender Vulnerability Management delivers asset visibility, intelligent assessment, and built-in remediation tools for Windows, MacOS, Linux, Android, iOS, and network devices.

It offers:
-Continuous asset discovery and monitoring
-Risk-based intelligent prioritization
-Remediation & tracking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Describe Microsoft Defender Threat Intelligence

A

Microsoft Defender Threat Intelligence (Defender TI) helps streamline security analyst triage, incident response, threat hunting, and vulnerability management workflows. Defender TI aggregates and enriches critical threat information in n easy-to-use interface.

It has a home page where you can see different threats, looks like a blog post but they say it is not a blog.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Describe the Microsoft Defender portal

A

Microsoft Defender portal combines protection, detection, investigation, and response to devices, identities, endpoints, email & collaboration, and cloud apps, in a central place.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly