Threat Protection and Incident Response with Microsoft Sentinel
Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. In this training you will learn how to deploy and connect this SIEM and SOAR solution to different data sources. You will learn how to use intelligent security analytics and threat intelligence capabilities for attack detection, threat visibility, proactive hunting, and threat response.
.png?lmsauth=2195f7b59cd58dcb63c89bd4b9ac2116065b63cd)
Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. In this training you will learn how to deploy and connect this SIEM and SOAR solution to different data sources. You will learn how to use intelligent security analytics and threat intelligence capabilities for attack detection, threat visibility, proactive hunting, and threat response.
Modules
.png?lmsauth=0ac15aa3a8dfbb6c9d51b09498f2020477f51c30)
Deploying and configuring Microsoft Sentinel
In this module, Learn to Design your Microsoft Sentinel workspace architecture, Manage roles and permissions, Enable data connectors using a content hub, Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel, Understand security coverage by the MITRE ATT&CK® framework, Connect Microsoft Sentinel to Amazon Web Services to ingest AWS service log data and AWS S3 connector – architecture overview.
Threat Intelligence and Investigation
In this module, you will learn about Introduction to Microsoft content hub solutions, Introduction to Threat Intelligence in Microsoft Sentinel, connect your threat intelligence platform to Microsoft Sentinel, Work with threat indicators, Detect Threat and Analyse Data, investigating incidents and Using Workbooks to investigate threats.
Identify advanced threats with User and Entity Behavior Analytics (UEBA) in Microsoft Sentinel
In this module, you will learn about Introduction to User and Entity Behavior Analytics (UEBA), UEBA analytics architecture, Enable UEBA, Anomalies detected by UEBA, Querying UEBA, Investigating with UEBA.
Automating responses in Microsoft Sentinel and integration with Microsoft Defender Solutions
In this module, you will learn about Introduction to SOAR in Microsoft Sentinel, Creating and working with Automation Rules, Automation with Playbooks, Azure Logic Apps, Customizing Microsoft Sentinel playbooks from templates, Bring Your own Machine Learning platform, Integration with Microsoft 365 Defender and Integration with Microsoft Defender for Cloud
Post-training Skills Assessment
Take this assessment to validate your skills gathered from the self-paced online learning course completed in this course to mark your completion.
.png?lmsauth=2839fd831ec2c0359f0ed9d221d6f8e12528a5f1)
Course Completion Survey
Share your feedback with us regarding your experience!