SC-200 Microsoft Security Operations Analyst, Part 6 of 9: Configure Microsoft Sentinel
with expert Cristian Calinescu
Course description
The SC-200 Microsoft Security Operations Analyst exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender (25-30%); mitigate threats using Microsoft Defender for Cloud (25-30%); and mitigate threats using Microsoft Sentinel (40-45%).
This course covers configuring Microsoft Sentinel.
Prerequisites
Basic understanding of Microsoft 365, environment, security, compliance and identity products.
Windows 10/11
Familiarity with Azure services, DB, Storage
Basic understanding of scripting concepts
Meet the expert
Cristian Calinescu is a Microsoft certified Azure Solutions Architect Expert, Senior Infrastructure Engineer and Infrastructure Security Operations Manager.
Course outline
Module 9
Microsoft Sentinel Overview (33:32)
- Introduction (00:08)
- Microsoft Sentinel Overview (01:14)
- Sentinel Explained (04:12)
- How Sentinel Works (07:02)
- When to Use Sentinel (03:11)
- Create and Manage Microsoft Sentinel workspaces (00:37)
- Single Tenant Workspace (06:45)
- Demo: Workspaces (10:12)
- Summary (00:08)
Query Logs in Microsoft Sentinel (25:53)
- Introduction (00:08)
- Query logs in Microsoft Sentinel (01:39)
- Understand Sentinel Tables (03:52)
- Demo: Logs Window (01:19)
- Use Watchlists in Microsoft Sentinel (00:28)
- Plan for Sentinel Watchlist (03:04)
- Demo: Create Watchlist (04:10)
- Use Threat Intelligence in Microsoft Sentinel (00:32)
- Define Threat Intelligence (05:47)
- Demo: Manage Threat Indicators (04:40)
- Summary (00:08)