SC-200: Configure your Microsoft Sentinel environment

via Microsoft Learn

Microsoft Learn

178 Courses


Overview

Title: SC-200: Configure your Microsoft Sentinel environment.

Join us for a comprehensive training session where you will dive deep into the capabilities of Microsoft Sentinel, a top-tier, cloud-native SIEM (Security Information and Event Management) service offered by Microsoft Learn. This course is essential for security operations analysts and all IT professionals working in security who wish to master Microsoft Sentinel.

  • Module 1: Introduction to Microsoft Sentinel
    • Understand the key components and functionalities of Microsoft Sentinel.
    • Explore various use cases where Microsoft Sentinel provides optimal security solutions.
  • Module 2: Managing Microsoft Sentinel Workspaces
    • Learn about the architecture of Microsoft Sentinel workspaces.
    • Gain skills in installing and managing a Microsoft Sentinel workspace.
  • Module 3: Working with Logs
    • Utilize the Logs page to access data tables in Microsoft Sentinel.
    • Practice querying frequently used tables using Microsoft Sentinel.
  • Module 4: Utilizing Watchlists
    • Create and implement watchlists within Microsoft Sentinel.
    • Apply KQL (Kusto Query Language) to manage watchlist data efficiently.
  • Module 5: Threat Intelligence Integration
    • Administer threat indicators using Microsoft Sentinel.
    • Leverage KQL to integrate and access threat intelligence information seamlessly.

This course falls under several key categories including Threat Intelligence Courses, SC-200: Microsoft Security Operations Analyst Courses, and Microsoft Sentinel Courses, ensuring a specialized learning path tailored for enhancing your security operations skills.

Syllabus


Taught by


Tags

united states

provider Microsoft Learn

Microsoft Learn

178 Courses


Microsoft Learn

pricing Free Online Course
language English
duration 2 hours
sessions On-Demand
level Intermediate