Cloud-native security operations with Microsoft Sentinel
Offered By: Microsoft via Microsoft Learn
Course Description
Overview
- Module 1: Get familiar with Microsoft Sentinel, a cloud-native, security information and event management (SIEM) service.
- Identify the various components and functionality of Microsoft Sentinel.
- Identify use cases where Microsoft Sentinel would be a good solution.
- Module 2: Learn how to deploy Microsoft Sentinel and connect the services you want to monitor. Then you can use Azure and AI to provide analysis of security alerts.
- Deploy Microsoft Sentinel.
- Connect to the services you want to monitor.
- Manage the log data collected by connectors.
- Module 3: Threat detection with Microsoft Sentinel analytics
- Explain the importance of Microsoft Sentinel Analytics.
- Explain different types of analytics rules.
- Create rules from templates.
- Create new analytics rules and queries using the analytics rule wizard.
- Manage rules with modifications.
- Module 4: Security incident management in Microsoft Sentinel
- Understand Microsoft Sentinel incident management
- Explore Microsoft Sentinel evidence and entity management
- Investigate and manage incident resolution
- Module 5: Threat hunting with Microsoft Sentinel
- Use queries to hunt for threats.
- Save key findings with bookmarks.
- Observe threats over time with livestream.
- Module 6: Provide an introduction to implementing threat response with Microsoft Sentinel playbooks.
- Explain Microsoft Sentinel SOAR capabilities.
- Explore the Microsoft Sentinel Logic Apps connector.
- Create a playbook to automate an incident response.
- Run a playbook on demand in response to an incident.
- Module 7: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
- Visualize security data using Microsoft Sentinel Workbooks.
- Understand how queries work.
- Explore workbook capabilities.
- Create a Microsoft Sentinel Workbook.
By the end of this module, you will be able to:
After completing this module, you'll be able to:
In this module, you will:
In this module, you will:
In this module, you will:
In this module you will:
In this module you will:
Syllabus
- Module 1: Introduction to Microsoft Sentinel
- Introduction
- What is Microsoft Sentinel?
- How Microsoft Sentinel works
- When to use Microsoft Sentinel
- Knowledge check
- Summary
- Module 2: Deploy Microsoft Sentinel and connect data sources
- Introduction
- Consider deployment options
- Describe Microsoft Sentinel permissions and roles
- Connect data sources
- Consider data-connection methods
- Manage logs
- Knowledge check
- Summary
- Module 3: Threat detection with Microsoft Sentinel analytics
- Introduction
- Exercise - Detect threats with Microsoft Sentinel analytics
- What is Microsoft Sentinel Analytics?
- Types of analytics rules
- Create an analytics rule from templates
- Create an analytics rule from wizard
- Manage analytics rules
- Exercise - Detect threats with Microsoft Sentinel analytics
- Summary
- Module 4: Security incident management in Microsoft Sentinel
- Introduction
- Exercise setup
- Describe incident management
- Understand evidence and entities
- Manage incidents
- Exercise - Investigate an incident
- Summary
- Module 5: Threat hunting with Microsoft Sentinel
- Introduction
- Exercise setup
- Explore creation and management of Microsoft Sentinel threat-hunting queries
- Save key findings with bookmarks
- Observe threats over time with livestream
- Exercise - Hunt for threats by using Microsoft Sentinel
- Summary
- Module 6: Threat response with Microsoft Sentinel playbooks
- Introduction
- Exercise - Create a Microsoft Sentinel playbook
- What are Microsoft Sentinel playbooks?
- Trigger a playbook in real-time
- Run playbooks on demand
- Exercise - Create a Microsoft Sentinel playbook
- Summary
- Module 7: Query, visualize, and monitor data in Microsoft Sentinel
- Introduction
- Exercise - Query and visualize data with Microsoft Sentinel Workbooks
- Monitor and visualize data
- Query data using Kusto Query Language
- Use default Microsoft Sentinel Workbooks
- Create a new Microsoft Sentinel Workbook
- Exercise - Visualize data using Microsoft Sentinel Workbooks
- Summary
Tags
Related Courses
Design Computing: 3D Modeling in Rhinoceros with Python/RhinoscriptUniversity of Michigan via Coursera 3D SARS-CoV-19 Protein Visualization With Biopython
Coursera Project Network via Coursera A Simple Scatter Plot using D3 js
Coursera Project Network via Coursera Access Bioinformatics Databases with Biopython
Coursera Project Network via Coursera Accounting Data Analytics
University of Illinois at Urbana-Champaign via Coursera