Dive into a comprehensive 90-minute webinar on configuring Microsoft Sentinel environments. Explore the fundamentals of security information and event management (SIEM), understand Microsoft Sentinel's components and functionality, and learn how to set up and manage workspaces effectively. Gain insights into data connectors, log retention, analytics rules, incident investigations, automation, and threat hunting. Follow along with a live demo on creating a Microsoft Sentinel workspace and discover best practices for managing settings and configuring logs. Perfect for IT professionals looking to enhance their organization's cloud security operations.
Overview
Syllabus
- Introduction
- Learning objectives
- What is security information and event management?
- What is Microsoft Sentinel
- How Microsoft Sentinel works
- Data connectors
- Querying and log retention
- Analytics rules
- Incidents and investigations
- Automation rules and playbooks
- User entity behavior analytics
- Threat hunting and notebooks
- Threat intelligence and watchlists
- When to use Microsoft Sentinel
- Knowledge check
- Create and manage Microsoft Sentinel workspaces
- Learning objectives
- Plan for the Microsoft Sentinel workspace
- Single-tenant single workspace
- Multi=tenant workspace
- Understand Microsoft Sentinel permissions and roles
- Demo - Create a Microsoft Sentinel workspace
- Manage Microsoft Sentinel settings
- Configure logs
- Summary and conclusions
Taught by
Microsoft Developer
Tags
Related Courses
-
Configure SIEM security operations using Microsoft Sentinel
-
SC-200: Configure your Microsoft Sentinel environment
-
Configure SIEM Security Operation using Microsoft Sentinel
-
Cloud-native security operations with Microsoft Sentinel
-
SC-200: Create detections and perform investigations using Microsoft Sentinel
-
SC-200: Connect logs to Microsoft Sentinel
