SC-5001: Configure SIEM Security Operations using Microsoft Sentinel

Description

This course focuses on mastering the configuration and operation of SIEM (Security Information and Event Management) using Microsoft Sentinel. It is designed to help professionals collect, detect, investigate, and respond to security threats.

Agenda and topics covered

  • Create and configure a Microsoft Sentinel workspace
  • Deploy a Microsoft Sentinel content hub solution
  • Configure analytics rules in Microsoft Sentinel
  • Configure automation in Microsoft Sentinel

Audience

This course is intended for IT professionals who are responsible for configuring and managing SIEM operations, including security analysts and administrators.

Curriculum

  • Module 1: Configuration of Microsoft Sentinel workspace
  • Module 2: Connection of Microsoft services to Microsoft Sentinel
  • Module 3: Connection of Windows hosts to Microsoft Sentinel for security event management
  • Module 4: Threat detection using Microsoft Sentinel

Prerequisites

Candidates for this credential should be familiar with Microsoft Security, compliance, and identity products; the Azure portal; and Azure administration, including role-based access control (RBAC).