Overview
-
- Module 1: Threat detection with Microsoft Sentinel analytics
- Explain the importance of Microsoft Sentinel Analytics.
- Explain different types of analytics rules.
- Create rules from templates.
- Create new analytics rules and queries using the analytics rule wizard.
- Manage rules with modifications.
- Module 2: Provide an introduction to implementing threat response with Microsoft Sentinel playbooks.
- Explain Microsoft Sentinel SOAR capabilities.
- Explore the Microsoft Sentinel Logic Apps connector.
- Create a playbook to automate an incident response.
- Run a playbook on demand in response to an incident.
- Module 3: Security incident management in Microsoft Sentinel
- Understand Microsoft Sentinel incident management
- Explore Microsoft Sentinel evidence and entity management
- Investigate and manage incident resolution
- Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
- Explain User and Entity Behavior Analytics in Azure Sentinel
- Explore entities in Microsoft Sentinel
- Module 5: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
- Visualize security data using Microsoft Sentinel Workbooks.
- Understand how queries work.
- Explore workbook capabilities.
- Create a Microsoft Sentinel Workbook.
In this module, you will:
In this module you will:
In this module, you will:
Upon completion of this module, the learner will be able to:
In this module you will:
