Microsoft offers some very powerful tools and features for managing advanced threat detection. This course is one of a series in the Skillsoft learning path that covers the objectives for the Securing Windows Server 2016 exam 70-744.
Learning Objectives
Implementing Threat Detection Solutions
- start the course
- configure advanced audit policies
- determine the differences and usage scenarios for using local and advanced auditing policies
- implement auditing using Group Policy and AuditPol.exe, and implement auditing using Windows PowerShell
- create expression-based audit policies
- configure the Audit PNP activity policy
- enable and configure module, script block, and transcription logging in Windows PowerShell
- recognize usage and deployment scenarios for Microsoft Advanced Threat Analytics (ATA)
- install and configure Microsoft Advanced Threat Analytics (ATA) Center
- install and configure an ATA gateway on a server
- configure alerts in ATA Center when suspicious activity is detected
- review and edit suspicious activities on the attack timeline
- describe the usage and deployment of Operations Management Suite (OMS) for security threat detection
- describe Operations Management Suite (OMS) security and auditing functions and the use of log analytics in threat detection
Practice: Threat Detection
- describe threat detection solutions