Overview

Microsoft Sentinel is your bird's-eye view across the enterprise, alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. In this training you will learn how to deploy this SIEM and SOAR solution and connect it to different data sources. You will learn how to use its intelligent security analytics and threat intelligence capabilities for attack detection, threat visibility, proactive hunting, and threat response.

Modules

Deploying and configuring Microsoft Sentinel

In this module, you will learn to design your Microsoft Sentinel workspace architecture, manage roles and permissions, enable data connectors using a content hub, deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel, understand security coverage by the MITRE ATT&CK® framework, and connect Microsoft Sentinel to Amazon Web Services to ingest AWS service log data. The module also gives an architecture overview of the AWS S3 connector.

Threat Intelligence and Investigation

In this module, you will get an introduction to Microsoft content hub solutions and to threat intelligence in Microsoft Sentinel, and learn to connect your threat intelligence platform to Microsoft Sentinel, work with threat indicators, detect threats and analyse data, investigate incidents, and use workbooks to investigate threats.

Identify advanced threats with User and Entity Behavior Analytics (UEBA) in Microsoft Sentinel

In this module, you will get an introduction to User and Entity Behavior Analytics (UEBA) and learn about the UEBA analytics architecture, enabling UEBA, the anomalies detected by UEBA, querying UEBA, and investigating with UEBA.

Automating responses in Microsoft Sentinel and integration with Microsoft Defender Solutions

In this module, you will get an introduction to SOAR in Microsoft Sentinel and learn about creating and working with automation rules, automation with playbooks, Azure Logic Apps, customizing Microsoft Sentinel playbooks from templates, bringing your own machine learning platform, integration with Microsoft 365 Defender, and integration with Microsoft Defender for Cloud.

Post-training Skills Assessment

Take this assessment to validate the skills you gained from this self-paced online learning course and to mark your completion.

Course Completion Survey

Share your feedback with us regarding your experience!

Advanced
  • Style: Self paced
  • Target Audience: Technical
  • Certification Course: No
  • Hands on Labs: Yes

Solution Areas

Security, Modern Sec Ops
