Azure Sentinel course: Monitoring and automation. The Azure Security center.
- Unit 1: Implementation of Azure Security Center. Access to instant virtual machines
- Unit 2: What is Azure Sentinel? Azure Sentinel prerequisites. Azure Monitor, alert management, connected sources and log analysis.
- Demo: Configuring Azure Sentinel prerequisites
- Unit 3: Azure Sentinel Portal Details
- Unit 4: Core operations pillars of Azure Sentinel. Directives and Recommendations
- Unit 5: Threat hunting with Azure Sentinel.
- Unit 6: Create Crash Dashboards with Sentinel Workbooks
- Unit 7: Automating Threat Response Using Sentinel Playbooks
- Unit 8: Incident investigation with Azure Sentinel
- Task 1: Deploy an Azure virtual machine
- Task 2: Create a Log Analytics workspace
- Task 3: Enable the Log Analytics Virtual Machine Extension
- Task 4: Collect virtual machine performance and event data
- Task 5: View and query collected data
- Task 6: Implement a security center
- Task 7: Configure Azure Security Center
- Task 8: Implement Security Center recommendations for installing the Guest Configuration extension
- Task 9. Implement Just In Time for Virtual Machines
- Task 10: Create a proof of concept with Azure Sentinel
- Task 11: Get data from Azure Activity and Security Center
- Task 12: Create and manage default and custom alerts
- Task 13: Using workbooks to automate incident responses
- Task 14: Access and manage Azure Sentinel
- Task 15: Connection activity with Azure Sentinel
- Task 16: Create a rule that uses the Azure Activity Data Connector.
- Task 17: Design and creation of workbooks
- Task 18: Invoke incidents and review associated actions.
The results of practicing with Azure Sentinel are that you created an Azure Sentinel workspace, connected it to Azure activity logs, created a playbook, and created custom alerts that are triggered in response to deleting policies. virtual machine access just in time and has verified that the configuration is valid.
Duration 70 hours in teletraining mode. With official Microsoft material. Approved laboratories and trainers certified by the manufacturer with 20 years of experience in security solutions.