The purpose of the sandbox lab is to help you develop proficiency in managing and monitoring the Microsoft Defender ATP solution. The lab provides a flexible framework for evaluating the solution, its installation and behavior in a sample customer environment. The lab will introduce you to the concepts and steps involved in detecting and responding to security incidents that are not caught by traditional defense measures.
The lab environment will allow you to:
- Access the ESA Baseline Sandbox environment.
- Log in to the cloud-based portal.
- Navigate the portal's interface and workflow.
- Introduce a "benign" malicious file.
- Trace the effects of the file on the endpoint and the overall environment.