Introduction
Microsoft Defender for Endpoint provides automated investigation and remediation. The automation configuration options allow for control of how the automation is applied to devices.
You're a Security Operations Analyst working at a company that is implementing Microsoft Defender for Endpoint. You have different remediation automation requirements for devices. You plan to create device groups to manage remediation levels.
Device groups provide two primary functions; set the remediation level, and set security access. You meet with your Security Operations team and design device groups to meet both of these functional requirements. You then configure the Remediation Level for each device group and assign the devices.
After completing this module, you'll be able to:
Configure advanced features of Microsoft Defender for Endpoint
Manage automation settings in Microsoft Defender for Endpoint
Prerequisites
Intermediate understanding of Windows 10.