Coursera Cuts Jobs Despite $100M Revenue Milestone

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

SC-200: Create detections and perform investigations using Microsoft Sentinel

Microsoft via Microsoft Learn

Go to class Write review

Overview

  • Module 1: Threat detection with Microsoft Sentinel analytics

    • In this module, you will:

    • Explain the importance of Microsoft Sentinel Analytics.
    • Explain different types of analytics rules.
    • Create rules from templates.
    • Create new analytics rules and queries using the analytics rule wizard.
    • Manage rules with modifications.
  • Module 2: Provide an introduction to implementing threat response with Microsoft Sentinel playbooks.

    • In this module you will:

    • Explain Microsoft Sentinel SOAR capabilities.
    • Explore the Microsoft Sentinel Logic Apps connector.
    • Create a playbook to automate an incident response.
    • Run a playbook on demand in response to an incident.
  • Module 3: Security incident management in Microsoft Sentinel

    • In this module, you will:

    • Understand Microsoft Sentinel incident management
    • Explore Microsoft Sentinel evidence and entity management
    • Investigate and manage incident resolution
  • Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel

    • Upon completion of this module, the learner will be able to:

    • Explain User and Entity Behavior Analytics in Azure Sentinel
    • Explore entities in Microsoft Sentinel
  • Module 5: Describe how to query, visualize, and monitor data in Microsoft Sentinel.

    • In this module you will:

    • Visualize security data using Microsoft Sentinel Workbooks.
    • Understand how queries work.
    • Explore workbook capabilities.
    • Create a Microsoft Sentinel Workbook.

Syllabus

  • Module 1: Threat detection with Microsoft Sentinel analytics
    • Introduction
    • Exercise - Detect threats with Microsoft Sentinel analytics
    • What is Microsoft Sentinel Analytics?
    • Types of analytics rules
    • Create an analytics rule from templates
    • Create an analytics rule from wizard
    • Manage analytics rules
    • Exercise - Detect threats with Microsoft Sentinel analytics
    • Summary
  • Module 2: Threat response with Microsoft Sentinel playbooks
    • Introduction
    • Exercise - Create a Microsoft Sentinel playbook
    • What are Microsoft Sentinel playbooks?
    • Trigger a playbook in real-time
    • Run playbooks on demand
    • Exercise - Create a Microsoft Sentinel playbook
    • Summary
  • Module 3: Security incident management in Microsoft Sentinel
    • Introduction
    • Exercise setup
    • Describe incident management
    • Understand evidence and entities
    • Manage incidents
    • Exercise - Investigate an incident
    • Summary
  • Module 4: Identify threats with User and Entity Behavior Analytics in Microsoft Sentinel
    • Introduction
    • Understand user and entity behavior analytics
    • Explore entities
    • Display entity behavior information
    • Knowledge check
    • Summary and resources
  • Module 5: Query, visualize, and monitor data in Microsoft Sentinel
    • Introduction
    • Exercise - Query and visualize data with Microsoft Sentinel Workbooks
    • Monitor and visualize data
    • Query data using Kusto Query Language
    • Use default Microsoft Sentinel Workbooks
    • Create a new Microsoft Sentinel Workbook
    • Exercise - Visualize data using Microsoft Sentinel Workbooks
    • Summary

Tags

Reviews

Start your review of SC-200: Create detections and perform investigations using Microsoft Sentinel

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.