Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

SC-200: Perform threat hunting in Microsoft Sentinel

Microsoft via Microsoft Learn

Go to class Write review

Overview

Module 1: Explain threat hunting concepts in Microsoft Sentinel

Upon completion of this module, the learner will be able to:

Describe threat hunting concepts for use with Microsoft Sentinel
Define a threat hunting hypothesis for use in Microsoft Sentinel

Module 2: Threat hunting with Microsoft Sentinel

In this module, you will:

Use queries to hunt for threats.
Save key findings with bookmarks.
Observe threats over time with livestream.

Module 3: Hunt for threats using notebooks in Microsoft Sentinel

Upon completion of this module, the learner will be able to:

Explore API libraries for advanced threat hunting in Microsoft Sentinel
Describe notebooks in Microsoft Sentinel
Create and use notebooks in Microsoft Sentinel

Syllabus

Module 1: Explain threat hunting concepts in Microsoft Sentinel

Introduction
Understand cybersecurity threat hunts
Develop a hypothesis
Knowledge check
Summary and resources

Module 2: Threat hunting with Microsoft Sentinel

Introduction
Exercise setup
Explore creation and management of Microsoft Sentinel threat-hunting queries
Save key findings with bookmarks
Observe threats over time with livestream
Exercise - Hunt for threats by using Microsoft Sentinel
Summary

Module 3: Hunt for threats using notebooks in Microsoft Sentinel

Introduction
Access Azure Sentinel data with external tools
Hunt with notebooks
Create a notebook
Explore notebook code
Knowledge check
Summary and resources

Tags

united states

Reviews

Start your review of SC-200: Perform threat hunting in Microsoft Sentinel