SC-5001: Configure SIEM security operations using Microsoft Sentinel

• Create and configure a Microsoft Sentinel workspace.
• Implementing a Microsoft Sentinel Content Center Solution
• Configuring analysis rules in Microsoft Sentinel
• Setting up automation in Microsoft Sentinel"

Configuring SIEM Security Operations Using Microsoft Sentinel

• Creating and managing Microsoft Sentinel workspaces: Learn about the architecture of Microsoft Sentinel workspaces to ensure you configure the system to meet your organization's security operations requirements.
• Connecting Microsoft services to Microsoft Sentinel: Learn how to connect Microsoft 365 and Azure service logs to Microsoft Sentinel.
• Connecting Windows Hosts to Microsoft Sentinel: One of the most common logs collected is Windows Security Events. See how Microsoft Sentinel makes this task easier with the Security Events connector.
• Detecting threats with Microsoft Sentinel analytics: In this module, you learned how Microsoft Sentinel analytics can help your security operations team identify and stop cyberattacks.
• Automation in Microsoft Sentinel: By the end of this module, you will be able to use automation rules in Microsoft Sentinel to automate incident management. Configuring SIEM Security Operations Using Microsoft Sentinel: In this module, you learned how to configure SIEM security operations using Microsoft Sentinel.

Familiarity with Microsoft security, compliance, and identity products; the Azure portal; and Azure administration, including role-based access control (RBAC) is recommended.

• Course: English / Spanish
  
• Labs: English / Spanish

This course is part of the Microsoft Applied Skills Credentials.

To earn this Microsoft Applied Skills credential, learners must demonstrate their ability to install and configure Microsoft Sentinel.

Applied Skills: Explore all credentials in one guide