Overview
In this online training course, students will gain the knowledge and skills to mitigate cyberthreats using Microsoft 365 Defender, Microsoft Defender for Cloud, and Microsoft Sentinel. Specifically, you will configure and use Microsoft Sentinel and use Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course is designed for people who work in a Security Operations job role and helps learners prepare for exam SC-200: Microsoft Security Operations Analyst.
Exam SC-200: Microsoft Security Operations Analyst
COURSE INSTRUCTOR: Charles Zacharias, Microsoft, Cybersecurity, F5
COURSE DIFFICULTY: Intermediate
COURSE DURATION: 14h
After completing this online training course, students will be able to:
- Mitigate threats using Microsoft 365 Defender
- Mitigate threats using Microsoft Defender for Cloud
- Mitigate threats using Microsoft Sentinel
This course is for Microsoft security professionals and those wanting to earn the Microsoft Certified: Security Operations Analyst Associate certification.
Prerequisites: none, but we recommend:
- Fundamental understanding of Microsoft security, compliance, and identity products
- Basic understanding of Microsoft 365
- Overview
- Exploring the Dashboard
- Defender for Endpoint Security
- Defender for Endpoint Monitoring
- Overview
- Incidents and Alerts, Hunting, Vulnerability Management
- Email and Collaboration, Cloud Apps
- Working with Defender for Cloud
- Enable Auto Provisioning
- Adding a Non-Azure Server
- Adding Linux Machines
- Viewing Security Recommendations
- GCP, Alerts
- Creating Logic Apps
- Adding a Workflow
- Creating a Suppression Rule
- Exploring Suppression Rules
- Overview
- Examples
- Sentinel Overview and Initial Setup
- Permissions, Roles and Log Analytics
- Data Connectors, Watchlists and Threat Intelligence
- Logging and Importing Overview and Example
- Alerts and Investigation Overview
- Exploring Alerts and Investigation
- Alerts and Investigation Syslog
- Sentinel Analytics Overview
- Sentinel Analytics Rule Examples
- Threat Response
- Threat Response Setup
- Security Incident Management
- Anomaly Rules
- Threat Hunting Rules
- Hunting Queries