Configure SIEM security operations using Microsoft Sentinel

training code: SC-5001 / ENG DL 1d / EN

A basic training course to prepare you for working with Microsoft Sentinel. The course covers configuring the Microsoft Sentinel workspace, learning about connectors, connecting event sources, creating analytical rules, and implementing automated threat response.

Security analysts responsible for managing, monitoring, and responding to threats,
IT professionals who need to implement an SMIE/SOAR system in their organization,
For those preparing for the Microsoft Certified: Security Operations Analyst Associate (SC-200) certification, this can serve as one of the preparatory steps for that certification.

Creating and configuring a Microsoft Sentinel workspace – You’ll learn about the types of workspaces, management, and costs.
Implementing the Microsoft Sentinel Content Hub solution – You’ll learn about the configuration options for event source connectors.
Connecting Windows hosts to Microsoft Sentinel – You will connect your first event sources.
Configuring analysis rules in Microsoft Sentinel – You will learn how to build analysis rules to detect threats.
Configuring automation in Microsoft Sentinel – You will create automation rules in Microsoft Sentinel.
This can serve as part of the preparation process for the SC-200 exam, providing an overview of the practical topics and competencies required for the role of a security operations analyst.

1.Create and manage Microsoft Sentinel workspaces.

- Plan a Microsoft Sentinel workspace.
- Create a Microsoft Sentinel workspace.
- Manage workspaces across tenants using Azure Lighthouse.
- Overview of Microsoft Sentinel permissions and roles.

2.Connecting Microsoft services to Microsoft Sentinel.

- Planning Microsoft service connectors.
- Connecting the Microsoft 365 connector.
- Connecting the Microsoft Entra connector.
- Connecting the Azure Activity connector.

3.Connecting Windows hosts to Microsoft Sentinel.

- Planning the Windows Host Security Events connector.
- Connecting using Windows Security Events via the AMA connector.

4.Detecting threats using Microsoft Sentinel analytics.

- What is Microsoft Sentinel analytics?
- Types of analytics rules.
- Create an analysis rule based on templates.
- Create an analysis rule using the wizard.
- Manage analysis rules.

5.Automation in Microsoft Sentinel.

- Overview of automation options.
- Create automation rules.

Basic knowledge of the Microsoft Azure platform—at the level of the “Microsoft Azure Fundamentals, AZ-900” course.
Familiarity with incident management topics – alerts, incidents, closure, and hunting.
Experience using Kusto Query Language (KQL).
Completion of the “Introduction to Microsoft Security, Compliance, and Identity, SC-900” training track (recommended).

manual in electronic form available on the platform:
https://learn.microsoft.com/pl-pl/training/
access to Altkom Akademia's student portal

Training: English
Materials: English

Contact our consultant

Your name*

Phone*

Email*

Company name

Message*

I consent to the storage and processing of my personal data for the purposes of the application process by Altkom Akademia S.A., 51 Chłodna St., 00-867 Warsaw, in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("RODO"). The provision of data is voluntary, but necessary for the execution of the application. I am aware of the fact that I have the right to withdraw my consent to the processing of my data, to rectify, delete or restrict the processing. Contact the Altkom Data Protection Officer: iodo@altkom.pl If you want to know more about the protection of personal data at Altkom Akademia SA, please visit: https://www.altkomakademia.pl/en/privacy-policy/.

I consent to the processing of my personal data for marketing purposes. Expressing consent is voluntary. I am aware of the fact that I have the right to withdraw consent to the processing of my data, rectify it, delete it or limit its processing. The administrator of your data is Altkom Akademia S.A., ul. Chłodna 51, 00-867 Warsaw. Contact to the personal data protection officer at Altkom: iodo@altkom.pl If you want to know more about the protection of personal data at Altkom Akademia SA, please visit: https://www.altkomakademia.pl/en/privacy-policy/.

Configure SIEM security operations using Microsoft Sentinel

Microsoft 365 Administrator

Introduction to Cloud Infrastructure

Introduction to Microsoft Security, Compliance, and Identity

Configure SIEM security operations using Microsoft Sentinel

Microsoft Cybersecurity Architect

Docker in practice

Effective B2B Marketing Strategy

Professional Diploma in UX Design

Continuous Testing Foundation (CTF)- accredited training with exam

SAP Global Certification, Online Exam (6 attempts)

Adobe In Design – documents for publishing

Artificial intelligence as customer service support

Certified Advanced Level Tester - training to prepare for the ISTQB® Certified Tester Advanced Level Test Manager exam

MS Excel – Multidimensional analysis with Power Pivot using DAX

Certified Strategy & Leadership Course – e-learning