Introduction

Completed

Microsoft Defender for Endpoint gives you various tools to eliminate risks by reducing the surface area for attacks without blocking user productivity.

You're a Security Operations Analyst working at a company that's implementing Microsoft Defender for Endpoint. You're responsible for working with the Endpoint management team to provide security configuration recommendations for Windows devices.

You first review each Attack Surface Reduction component to understand the attack vector the component was designed to mitigate. You then work with the Endpoint management team to create a custom security baseline for Windows devices.

After completing this module, you'll be able to:

  • Explain Attack Surface Reduction in Windows
  • Enable Attack Surface Reduction rules on Windows devices
  • Configure Attack Surface Reduction rules on Windows devices

Prerequisites

Intermediate understanding of Windows 10 and 11.