- Module 1: Get familiar with Microsoft Sentinel, a cloud-native, security information and event management (SIEM) service.
- Identify the various components and functionality of Microsoft Sentinel.
- Identify use cases where Microsoft Sentinel would be a good solution.
- Module 2: Create and manage Microsoft Sentinel workspaces
- Describe Microsoft Sentinel workspace architecture
- Install Microsoft Sentinel workspace
- Manage an Microsoft Sentinel workspace
- Module 3: Query logs in Microsoft Sentinel
- Use the Logs page to view data tables in Microsoft Sentinel
- Query the most used tables using Microsoft Sentinel
- Module 4: Use watchlists in Microsoft Sentinel
- Create a watchlist in Microsoft Sentinel
- Use KQL to access the watchlist in Microsoft Sentinel
- Module 5: Utilize threat intelligence in Microsoft Sentinel
- Manage threat indicators in Microsoft Sentinel
- Use KQL to access threat indicators in Microsoft Sentinel
By the end of this module, you will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to:
Upon completion of this module, the learner will be able to: