Microsoft Sentinel Skills
Microsoft Sentinel Skills
Published 5/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 4.52 GB | Duration: 5h 8m
Published 5/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 4.52 GB | Duration: 5h 8m
Security Information and Event Management (SIEM)
What you'll learn
Understand the core features and capabilities of Microsoft Sentinel, including its data model, query language, and analytics capabilities.
Effectively monitor and detect security threats using Sentinel's built-in security analytics and threat intelligence features.
Configure data connectors to ingest and analyze security data from various sources, including cloud services and on-premises environments.
Automate incident response workflows using Sentinel's automation features, including playbooks and Logic Apps.
Requirements
While not required, experience with security technologies and tools, such as SIEM systems, threat intelligence platforms, and security analytics tools, can be beneficial for learners taking this course.
Description
The Microsoft Sentinel Skills Course is a comprehensive training program designed to provide learners with the knowledge and skills needed to effectively use Microsoft Sentinel, a cloud-native Security Information and Event Management (SIEM) system. The course is intended for security professionals, IT administrators, and anyone responsible for monitoring and responding to security incidents in an organization.The course begins with an introduction to Sentinel and its key features, followed by a deep dive into the Sentinel data model, query language, and analytics capabilities. Learners will also learn how to use Sentinel to detect and respond to security threats, configure data connectors, and automate incident response workflows.Other topics covered in the course include threat hunting, incident investigation, creating custom alerts and workbooks, and managing Sentinel at scale. The course also covers best practices for configuring and managing Sentinel in a production environment.Throughout the course, learners will have access to hands-on labs and exercises designed to reinforce the concepts covered in the lectures. Upon completion of the course, learners will be well-equipped to use Microsoft Sentinel to monitor and protect their organization's digital assets.The Microsoft Sentinel Skills Course is intended for security professionals, IT administrators, and anyone responsible for monitoring and responding to security incidents in an organization. The course is ideal for individuals who want to gain a deep understanding of Microsoft Sentinel, a cloud-native Security Information and Event Management (SIEM) system, and learn how to use it effectively to monitor and protect their organization's digital assets.
Overview
Section 1: Architecture
Lecture 1 Overview
Lecture 2 Prerequisites
Lecture 3 Roles & Permissions
Lecture 4 Costs & Billing
Section 2: Deployment
Lecture 5 On-Boarding
Lecture 6 Getting Acquainted
Section 3: How Do I?
Lecture 7 Discover & Deploy Out-of-the-box Content
Lecture 8 Connect Threat Intelligence Platforms
Lecture 9 Use Azure Monitor Workbooks
Lecture 10 Create Custom Analytics Rules
Lecture 11 Create Anomaly Detection Analytics Rules
Lecture 12 Enable User & Entity Behavior Analytics (UEBA)
Lecture 13 Configure Multistage Attack Detection (Fusion) Rules
Security analysts and engineers,Security operations center (SOC) analysts and managers,IT administrators responsible for security,Cloud security architects and engineers,Cybersecurity professionals,Information security managers,Compliance and risk managers,IT managers and directors,Azure administrators and architects,Anyone interested in learning about Microsoft Sentinel and cloud-native security technologies.