Configure SIEM security operations using Microsoft Sentinel 

  • Offered by Microsoft

Overview

Duration

5 hours

Start from

Start Now

Total fee

Free

Mode of learning

Online

Schedule type

Self paced

Difficulty level

Intermediate

Credential

Certificate

Course details

What are the course deliverables?
  • Create and manage Microsoft Sentinel workspaces
  • Connect Microsoft services to Microsoft Sentinel
  • Connect Windows hosts to Microsoft Sentinel
  • Threat detection with Microsoft Sentinel analytics
  • Threat response with Microsoft Sentinel playbooks
  • Configure SIEM security operations using Microsoft Sentinel
More about this course
  • Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.
  • Note: You need to have your own Azure subscription to complete these exercises. If you don't have an Azure subscription, create a free account and add a subscription before you begin. If you are a student, you can take advantage of the Azure for students offer.

Curriculum

Create and manage Microsoft Sentinel workspaces

Introduction

Plan for the Microsoft Sentinel workspace

Create a Microsoft Sentinel workspace

Manage workspaces across tenants using Azure Lighthouse

Understand Microsoft Sentinel permissions and roles

Manage Microsoft Sentinel settings

Configure logs

Knowledge check

Summary and resources

Connect Microsoft services to Microsoft Sentinel

Introduction

Plan for Microsoft services connectors

Connect the Microsoft Office 365 connector

Connect the Microsoft Entra connector

Connect the Microsoft Entra ID Protection connector

Connect the Azure Activity connector

Knowledge check

Summary and resources

Connect Windows hosts to Microsoft Sentinel

Introduction

Plan for Windows hosts security events connector

Connect using the Windows Security Events via AMA Connector

Connect using the Security Events via Legacy Agent Connector

Collect Sysmon event logs

Knowledge check

Summary and resources

Threat detection with Microsoft Sentinel analytics

Introduction

Exercise - Detect threats with Microsoft Sentinel analytics

What is Microsoft Sentinel Analytics?

Types of analytics rules

Create an analytics rule from templates

Create an analytics rule from wizard

Manage analytics rules

Exercise - Detect threats with Microsoft Sentinel analytics

Summary

Threat response with Microsoft Sentinel playbooks

Introduction

Exercise - Create a Microsoft Sentinel playbook

What are Microsoft Sentinel playbooks?

Trigger a playbook in real-time

Run playbooks on demand

Exercise - Create a Microsoft Sentinel playbook

Summary

Configure SIEM security operations using Microsoft Sentinel

Introduction

Exercise - Configure SIEM operations using Microsoft Sentinel

Exercise - Install Microsoft Sentinel Content Hub solutions and data connectors

Exercise - Configure a data connector Data Collection Rule

Exercise - Perform a simulated attack to validate the Analytic and Automation rules

Summary

Entry Requirements

Eligibility criteria
Conditional Offer
  • Not mentioned

Admission Process

Important Dates

Course Commencement Date: Nov 30, 2024
