SC-200: Create detections and perform investigations using Microsoft Sentinel

Description

Module 1: Threat detection with Microsoft Sentinel analytics
In this module, you will:
- Explain the importance of Microsoft Sentinel Analytics.
- Explain different types of analytics rules.
- Create rules from templates.
- Create new analytics rules and queries using the analytics rule wizard.
- Manage rules with modifications.

Module 2: Provide an introduction to implementing threat response with Microsoft Sentinel playbooks.
In this module, you will:
- Explain Microsoft Sentinel SOAR capabilities.
- Explore the Microsoft Sentinel Logic Apps connector.
- Create a playbook to automate an incident response.
- Run a playbook on demand in response to an incident.

Module 3: Security incident management in Microsoft Sentinel
In this module, you will:
- Understand Microsoft Sentinel incident management.
- Explore Microsoft Sentinel evidence and entity management.
- Investigate and manage incident resolution.

Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
Upon completion of this module, the learner will be able to:
- Explain User and Entity Behavior Analytics in Azure Sentinel.
- Explore entities in Microsoft Sentinel.

Module 5: Describe how to query, visualize, and monitor data in Microsoft Sentinel.
In this module, you will:
- Visualize security data using Microsoft Sentinel Workbooks.
- Understand how queries work.
- Explore workbook capabilities.
- Create a Microsoft Sentinel Workbook.

Syllabus

Module 1: Threat detection with Microsoft Sentinel analytics
- Introduction
- Exercise - Detect threats with Microsoft Sentinel analytics
- What is Microsoft Sentinel Analytics?
- Types of analytics rules
- Create an analytics rule from templates
- Create an analytics rule from wizard
- Manage analytics rules
- Exercise - Detect threats with Microsoft Sentinel analytics
- Summary

Module 2: Threat response with Microsoft Sentinel playbooks
- Introduction
- Exercise - Create a Microsoft Sentinel playbook
- What are Microsoft Sentinel playbooks?
- Trigger a playbook in real-time
- Run playbooks on demand
- Exercise - Create a Microsoft Sentinel playbook
- Summary

Module 3: Security incident management in Microsoft Sentinel
- Introduction
- Exercise setup
- Describe incident management
- Understand evidence and entities
- Manage incidents
- Exercise - Investigate an incident
- Summary

Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
- Introduction
- Understand user and entity behavior analytics
- Explore entities
- Display entity behavior information
- Knowledge check
- Summary and resources

Module 5: Query, visualize, and monitor data in Microsoft Sentinel
- Introduction
- Exercise - Query and visualize data with Microsoft Sentinel Workbooks
- Monitor and visualize data
- Query data using Kusto Query Language
- Use default Microsoft Sentinel Workbooks
- Create a new Microsoft Sentinel Workbook
- Exercise - Visualize data using Microsoft Sentinel Workbooks
- Summary
