Course Summary
Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender.
Key Topics:
• Microsoft Sentinel Configuration: Setup and management of Sentinel workspaces.
• Kusto Query Language (KQL): Utilize KQL for effective detection, analysis, and reporting of security incidents.
• Detection and Analysis: Perform threat detection and analysis using Sentinel.
• Reporting: Generate reports to track and respond to cyber threats.
Module 1: Mitigate Threats with Microsoft 365 Defender (25–30%)
Microsoft 365 Defender Overview: Manage threats to Microsoft Teams, SharePoint Online, OneDrive, and email.
Data Loss & Insider Risk: Respond to DLP and insider risk alerts.
Defender for Cloud Apps: Discover, manage, and remediate security risks.
Defender for Endpoint: Configure data retention, ASR, and manage endpoint threats.
Identity Threats: Mitigate risks in Microsoft Entra ID and AD DS.
Module 2: Manage Extended Detection & Response (XDR) in Microsoft 365 Defender
Incident Management: Handle incidents and automated investigations.
Custom Detections & Alerts: Configure and manage alerts and custom detections.
Threat Analytics: Use KQL and Microsoft Secure Score for risk identification.
Audit Features: Perform threat hunting using a unified audit log and advanced modes.
Module 3: Mitigate Threats with Microsoft Sentinel (50–55%)
Sentinel Workspace Design: Plan, configure, and manage workspaces, roles, and data storage.
Data Connectors & Ingestion: Set up and configure data connectors for various sources.
Analytics Rules: Manage security analytics, custom, and near-real-time rules.
SOAR: Configure automation rules, playbooks, and incident response workflows.
Incident Management: Triage, investigate, and respond to incidents using Sentinel.
Module 4: Mitigate Threats with Microsoft Defender for Cloud (15–20%)
Cloud Security Posture: Implement and manage cloud security settings and configurations.
Incident Response: Set up notifications, alert suppression, and workflow automation.
Threat Intelligence: Analyze threat intelligence reports and respond to cloud incidents.
Module 5: Threat Hunting and Behavioral Analytics
Hunting in Sentinel: Customize hunting queries, analyze attack vectors, and monitor queries.
User and Entity Behavior Analytics (UEBA): Configure settings and investigate anomalies.