- 4-5 hours worth of material
- Microsoft Learn
- English
Course Overview
- Module 1: Threat detection with Microsoft Sentinel analytics
  - Explain the importance of Microsoft Sentinel Analytics.
  - Explain different types of analytics rules.
  - Create rules from templates.
  - Create new analytics rules and queries using the analytics rule wizard.
  - Manage rules with modifications.
- Module 2: Provide an introduction to implementing threat response with Microsoft Sentinel playbooks.
  - Explain Microsoft Sentinel SOAR capabilities.
  - Explore the Microsoft Sentinel Logic Apps connector.
  - Create a playbook to automate an incident response.
  - Run a playbook on demand in response to an incident.
- Module 3: Security incident management in Microsoft Sentinel
  - Understand Microsoft Sentinel incident management
  - Explore Microsoft Sentinel evidence and entity management
  - Investigate and manage incident resolution
- Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
  - Explain User and Entity Behavior Analytics in Azure Sentinel
  - Explore entities in Microsoft Sentinel
- Module 5: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
  - Visualize security data using Microsoft Sentinel Workbooks.
  - Understand how queries work.
  - Explore workbook capabilities.
  - Create a Microsoft Sentinel Workbook.
Course Curriculum
- Module 1: Threat detection with Microsoft Sentinel analytics
  - Introduction
  - Exercise - Detect threats with Microsoft Sentinel analytics
  - What is Microsoft Sentinel Analytics?
  - Types of analytics rules
  - Create an analytics rule from templates
  - Create an analytics rule from wizard
  - Manage analytics rules
  - Exercise - Detect threats with Microsoft Sentinel analytics
  - Summary
- Module 2: Threat response with Microsoft Sentinel playbooks
  - Introduction
  - Exercise - Create a Microsoft Sentinel playbook
  - What are Microsoft Sentinel playbooks?
  - Trigger a playbook in real-time
  - Run playbooks on demand
  - Exercise - Create a Microsoft Sentinel playbook
  - Summary
- Module 3: Security incident management in Microsoft Sentinel
  - Introduction
  - Exercise setup
  - Describe incident management
  - Understand evidence and entities
  - Manage incidents
  - Exercise - Investigate an incident
  - Summary
- Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
  - Introduction
  - Understand user and entity behavior analytics
  - Explore entities
  - Display entity behavior information
  - Knowledge check
  - Summary and resources
- Module 5: Query, visualize, and monitor data in Microsoft Sentinel
  - Introduction
  - Exercise - Query and visualize data with Microsoft Sentinel Workbooks
  - Monitor and visualize data
  - Query data using Kusto Query Language
  - Use default Microsoft Sentinel Workbooks
  - Create a new Microsoft Sentinel Workbook
  - Exercise - Visualize data using Microsoft Sentinel Workbooks
  - Summary
- Provider: Microsoft Learn
- Certificate: Not Available
- Language: English
- Duration: 4-5 hours worth of material