SC-200: Create detections and perform investigations using Microsoft Sentinel

Created By
Microsoft via Microsoft Learn
  • 4-5 hours worth of material
  • Microsoft Learn
  • English

Course Overview

  • Module 1: Threat detection with Microsoft Sentinel analytics
  • In this module, you will:

    • Explain the importance of Microsoft Sentinel Analytics.
    • Explain different types of analytics rules.
    • Create rules from templates.
    • Create new analytics rules and queries using the analytics rule wizard.
    • Manage rules with modifications.
  • Module 2: Provide an introduction to implementing threat response with Microsoft Sentinel playbooks.
  • In this module you will:

    • Explain Microsoft Sentinel SOAR capabilities.
    • Explore the Microsoft Sentinel Logic Apps connector.
    • Create a playbook to automate an incident response.
    • Run a playbook on demand in response to an incident.
  • Module 3: Security incident management in Microsoft Sentinel
  • In this module, you will:

    • Understand Microsoft Sentinel incident management
    • Explore Microsoft Sentinel evidence and entity management
    • Investigate and manage incident resolution
  • Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
  • Upon completion of this module, the learner will be able to:

    • Explain User and Entity Behavior Analytics in Azure Sentinel
    • Explore entities in Microsoft Sentinel
  • Module 5: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
  • In this module you will:

    • Visualize security data using Microsoft Sentinel Workbooks.
    • Understand how queries work.
    • Explore workbook capabilities.
    • Create a Microsoft Sentinel Workbook.

Course Curriculum

  • Module 1: Threat detection with Microsoft Sentinel analytics
    • Introduction
    • Exercise - Detect threats with Microsoft Sentinel analytics
    • What is Microsoft Sentinel Analytics?
    • Types of analytics rules
    • Create an analytics rule from templates
    • Create an analytics rule from wizard
    • Manage analytics rules
    • Exercise - Detect threats with Microsoft Sentinel analytics
    • Summary
  • Module 2: Threat response with Microsoft Sentinel playbooks
    • Introduction
    • Exercise - Create a Microsoft Sentinel playbook
    • What are Microsoft Sentinel playbooks?
    • Trigger a playbook in real-time
    • Run playbooks on demand
    • Exercise - Create a Microsoft Sentinel playbook
    • Summary
  • Module 3: Security incident management in Microsoft Sentinel
    • Introduction
    • Exercise setup
    • Describe incident management
    • Understand evidence and entities
    • Manage incidents
    • Exercise - Investigate an incident
    • Summary
  • Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
    • Introduction
    • Understand user and entity behavior analytics
    • Explore entities
    • Display entity behavior information
    • Knowledge check
    • Summary and resources
  • Module 5: Query, visualize, and monitor data in Microsoft Sentinel
    • Introduction
    • Exercise - Query and visualize data with Microsoft Sentinel Workbooks
    • Monitor and visualize data
    • Query data using Kusto Query Language
    • Use default Microsoft Sentinel Workbooks
    • Create a new Microsoft Sentinel Workbook
    • Exercise - Visualize data using Microsoft Sentinel Workbooks
    • Summary

Free Online Course

This Course Includes:
  • Provider: Microsoft Learn
  • Certificate: Not Available
  • Language: English
  • Duration: 4-5 hours worth of material