Introduction

Completed

Microsoft Defender for Endpoint provides automated investigation and remediation. The automation configuration options allow for control of how the automation is applied to devices.

You're a Security Operations Analyst working at a company that is implementing Microsoft Defender for Endpoint. You have different remediation automation requirements for devices. You plan to create device groups to manage remediation levels.

Device groups provide two primary functions; set the remediation level, and set security access. You meet with your Security Operations team and design device groups to meet both of these functional requirements. You then configure the Remediation Level for each device group and assign the devices.

After completing this module, you'll be able to:

  • Configure advanced features of Microsoft Defender for Endpoint

  • Manage automation settings in Microsoft Defender for Endpoint

Prerequisites

Intermediate understanding of Windows 10.