3.3 Deploying AV settings via GPO, MDE from Zero to Hero
2.2 هزار بار بازدید -
2 سال پیش
-
Welcome to Microsoft Defender for
Welcome to Microsoft Defender for Endpoint – From Zero to Hero, Module 3.3 - Deploying AV settings via GPO
When configuring antivirus settings via GPO, there are some aspects you need to take into consideration. The GPO approach and permissions to support the deployment are essential.
In this video you will see the following:
1 - GPO Approach
OU hierarchy
Permissions for GPOs at higher level
ASR and PUA
2 - .ADMX and .ADML template
3 - GPO settings for MDE
4 - Checking the deployment
**COURSE OUTLINE**
I have plans to record 20+ videos and the course outline is not set in stone. Below are the modules already available and the ones on the horizon:
1. Product Overview - .
1.1 - Minimum requirements and licensing - https://www.seevid.ir/fa/w/2ElE6g1xifc
2 - Design & key decisions
2.1 Design: MDE settings deployment - https://www.seevid.ir/fa/w/fsXLNGcyNEk
2.3 - Design - Best practise for full scan - https://www.seevid.ir/fa/w/g2Gkp69VnBE
2.10 Device tag overview - https://www.seevid.ir/fa/w/irqGb5k7TLg
2.11 Deploying device tag via portal, GPO and Intune - https://www.seevid.ir/fa/w/g79Tc19nXB4
2.12 - Device auto-tagging via Logic Apps - https://www.seevid.ir/fa/w/ekwPRg0PjM0
3 - MDE deployment
3.1 - Initial setup and advanced settings - https://www.seevid.ir/fa/w/TwqC9wNQTbY
3.2 - Deploying settings via MEM - https://www.seevid.ir/fa/w/qVCBZO6pBH0
3.3 - Deploying settings via GPO - https://www.seevid.ir/fa/w/g-9DTpMQuPE
4 - Onboarding
4.1 - Onboarding overview - https://www.seevid.ir/fa/w/iephNadOIDU
4.2 - Onboarding via GPO and local script - https://www.seevid.ir/fa/w/1xYxQ2JtSdg
4.3 - Onboarding via Microsoft Endpoint Manager - https://www.seevid.ir/fa/w/GCqKdmGXyF8
4.4 - Onboarding via helper script - https://www.seevid.ir/fa/w/C_pVEUa2GjM
4.5 - Auto Onboarding via Defender for Cloud
5 - Migration from 3rd party solution - https://www.seevid.ir/fa/w/_MiNDetIAvk
6 - Monitoring
6.1 - Alerts and incidents management - https://www.seevid.ir/fa/w/OfaSua6fCMM
6.2 - Ransomware attack investigation - https://www.seevid.ir/fa/w/kOf3BXLJTkM
6.3 - Dealing with Ransomware via Sentinel automation - https://www.seevid.ir/fa/w/0L5djE4nf1w
7 - Integration with SIEM (Security Information and Event Management)
8 - Troubleshooting
8.1 - Troubleshooting mode deep dive - https://www.seevid.ir/fa/w/M6f4G1SPCGY
8.2 - Troubleshooting PowerShell output issue - https://www.seevid.ir/fa/w/hjebQry6vNo
My Microsoft Defender for Endpoint – From Zero to Hero playlist can be accessed from
https://www.seevid.ir/fa/w/UfpQq0BHAjw
Please consider subscribing to my channel for the latest updates and upcoming modules.
Thanks for supporting this project, I hope you enjoy and learn a lot
Thanks for watching
Jackson Felden
Reference: How to create and manage the Central Store for Group Policy Administrative Templates in Windows at https://learn.microsoft.com/en-us/troubleshoot/windows-client/group-policy/create-and-manage-central-store
#MicrosoftDefenderForEndpoint #MDE #CyberSecurity #AlwaysLearning #AlwaysSharing
2 سال پیش
در تاریخ 1401/12/09 منتشر شده
است.
2,251
بـار بازدید شده