Task 1.3: Add a new sensor

1. In the DC01 RDP session, open Microsoft Edge, then go to https://security.microsoft.com, then sign in using your Microsoft 365 account.

2. Close any dialog boxes that appear.

3. In the Microsoft Defender menu, select Settings.

4. On the Settings page, select Identities.

   It can take up to 10 minutes to prepare new spaces the first time you attempt to load the identities page.

5. On the Microsoft Defender for Identity page, select Add sensor.

6. On the Add a new sensor pane, select Download installer to save the file to the Downloads directory.

   If the download does not start, in the Microsoft Edge settings, disable the pop-up blocker, then select Download installer again.

7. On the Add a new sensor pane, copy the access key value, You will paste this into the installer window when installing the sensor.

   The access key is a one-time password for use when deploying the sensor, after which communication is performed using certificates for authentication and TLS encryption.

8. In File Explorer, under Quick access, select Downloads.

9. In the Downloads directory, right-click Azure ATP Sensor Setup.zip, select Extract All, and then select Extract.

10. In the Azure ATP Sensor Setup directory, double-click Azure ATP Sensor Setup.exe.

11. In the Install Microsoft Defender for Identity Sensor box, on the Choose your language menu, select English, then select Next.

12. On the Sensor deployment type page, accept the default value, then select Next.

13. On the Configure the Sensor page, in the Access key box, paste the access key that you copied above, then select Install.

14. After the Installation completed successfully message appears, select Finish.

15. Switch back to the Microsoft Defender for Identity tab in Microsoft Edge, then refresh the tab to view the newly-deployed DC01 sensor.

    The DC01 sensor, a domain controller sensor, is installed in the MSMDI.local domain.

16. Select the DC01 sensor to view the sensor details, then close the pane.