SpireTecSolutions

SC - 200 : Microsoft Security Operations Analyst Training

SpireTecSolutions, Columbia, South Carolina, United States


The "SC-200: Microsoft Security Operations Analyst" course teaches how to investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender. It covers configuring and using Azure Sentinel, performing detection, analysis, and reporting with Kusto Query Language (KQL), and mitigating cyberthreats. Designed for Security Operations roles, this course prepares learners for the SC-200 exam.

The SC - 200 : Microsoft Security Operations Analyst course is designed to provide learners with the knowledge and skills to mitigate threats using various Microsoft security solutions. It covers a comprehensive range of topics, including how to protect, detect, respond, and hunt for cybersecurity threats across Microsoft 365 Defender, Azure Defender, and Azure Sentinel. Learners will be equipped to set up Microsoft Defender for Endpoint, manage incidents, investigate alerts, and configure Advanced Threat Protection features. They will also learn to safeguard identities with Azure AD Identity Protection, protect against threats in Microsoft 365, and secure cloud apps with Microsoft Cloud App Security. Additionally, the course delves into Azure Sentinel, teaching how to create queries using Kusto Query Language (KQL), configure the Azure Sentinel environment, connect logs, create detections, investigate threats, and perform proactive threat hunting. By mastering these skills, learners will be able to effectively perform device investigations, configure and manage automation, and mitigate attacks using the suite of Microsoft security tools. This course prepares them for the Microsoft Security Operations Analyst role and the SC-200 certification exam.

Audience Profile:

The Microsoft Security Operations Analyst works closely with organizational stakeholders to secure IT systems, aiming to minimize risk by quickly addressing active threats, recommending improvements to threat protection practices, and reporting policy violations. This role involves threat management, monitoring, and response using various security solutions, including Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Analysts also play a key role in the configuration and deployment of these technologies.

At Course Completion:

After completing this course, students will be able to:
- Explain how Microsoft Defender for Endpoint can remediate risks and create a Defender for Endpoint environment.
- Configure Attack Surface Reduction rules on Windows 10 devices and perform actions using Microsoft Defender for Endpoint.
- Investigate domains, IP addresses, and user accounts in Microsoft Defender for Endpoint.
- Configure alert settings and understand the evolving threat landscape.
- Conduct advanced hunting and manage incidents in Microsoft 365 Defender.
- Explain how Microsoft Defender for Identity can remediate risks and investigate DLP alerts in Microsoft Cloud App Security.
- Configure auto-provisioning and remediate alerts in Azure Defender.
- Construct and use KQL (Kusto Query Language) statements for filtering, extracting, and managing data.
- Manage an Azure Sentinel workspace, including configuring Log Analytics agents, creating analytics rules and queries, and automating incident responses.
- Use queries to hunt for threats and monitor them over time with livestream.

Prerequisites:
- Basic understanding of Microsoft 365 and fundamental Microsoft security, compliance, and identity products.
- Intermediate understanding of Windows 10.
- Familiarity with Azure services, including Azure SQL Database, Azure Storage, Azure virtual machines, and virtual networking.
- Basic understanding of scripting concepts.

Course Outline:

Module 1: Mitigate threats using Microsoft Defender for Endpoint
- Protect against threats with Microsoft Defender for Endpoint
- Deploy the Microsoft Defender for Endpoint environment
- Implement Windows 10 security enhancements with Microsoft Defender for Endpoint
- Manage alerts and incidents in Microsoft Defender for Endpoint
- Perform device investigations in Microsoft Defender for Endpoint
- Perform actions on a device using Microsoft Defender for Endpoint
- Perform evidence and entities investigations using Microsoft Defender for Endpoint
- Configure and manage automation using Microsoft Defender for Endpoint
- Configure for alerts and detections in Microsoft Defender for Endpoint
- Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint
Lab: Mitigate threats using Microsoft Defender for Endpoint
- Mitigate Attacks using Defender for Endpoint

Module 2: Mitigate threats using Microsoft 365 Defender
- Introduction to threat protection with Microsoft 365
- Mitigate incidents using Microsoft 365 Defender
- Protect your identities with Azure AD Identity Protection
- Remediate risks with Microsoft Defender for Office 365
- Safeguard your environment with Microsoft Defender for Identity
- Secure your cloud apps and services with Microsoft Cloud App Security
- Respond to data loss prevention alerts using Microsoft 365
- Manage insider risk in Microsoft 365
Lab: Mitigate threats using Microsoft 365 Defender
- Mitigate Attacks with Microsoft 365 Defender

Module 3: Mitigate threats using Azure Defender
- Plan for cloud workload protections using Azure Defender
- Explain cloud workload protections in Azure Defender
- Connect Azure assets to Azure Defender
- Remediate security alerts using Azure Defender
Lab: Mitigate threats using Azure Defender
- Mitigate Attacks with Azure Defender

- Construct KQL statements for Azure Sentinel
- Build multi-table statements using KQL
- Work with data in Azure Sentinel using Kusto Query Language
Lab: Construct Basic KQL Statements
- Build multi-table statements using KQL
- Work with string data using KQL statements

- Introduction to Azure Sentinel
- Create and manage Azure Sentinel workspaces
- Query logs in Azure Sentinel
- Use watchlists in Azure Sentinel
- Utilize threat intelligence in Azure Sentinel
Lab: Create a Watchlist

Module 6: Connect logs to Azure Sentinel
- Connect data to Azure Sentinel using data connectors
- Connect Microsoft services to Azure Sentinel
- Connect Microsoft 365 Defender to Azure Sentinel
- Connect Windows hosts to Azure Sentinel
- Connect Common Event Format logs to Azure Sentinel
- Connect syslog data sources to Azure Sentinel
- Connect threat indicators to Azure Sentinel
Lab: Connect logs to Azure Sentinel
- Connect Microsoft services to Azure Sentinel
- Connect Windows hosts to Azure Sentinel
- Connect Linux hosts to Azure Sentinel
- Connect Threat intelligence to Azure Sentinel

Module 7: Create detections and perform investigations using Azure Sentinel
- Threat detection with Azure Sentinel analytics
- Threat response with Azure Sentinel playbooks
- Security incident management in Azure Sentinel
- Use entity behavior analytics in Azure Sentinel
- Query, visualize, and monitor data in Azure Sentinel
Lab: Create detections and perform investigations using Azure Sentinel
- Create Analytical Rules
- Model Attacks to Define Rule Logic

Module 8: Perform threat hunting in Azure Sentinel
- Threat hunting with Azure Sentinel
- Hunt for threats using notebooks in Azure Sentinel

1-On-1 Training

Benefit from our 1-On-1 Training for personalized, focused, and effective learning experiences.

Customized Training

Experience our Customized Training service tailored to meet your specific learning needs and goals.

Weekend Session

Join our Class featuring 4 - Hours / Weekend Session for in-depth learning and expert training.

Free Demo Class

Join our Free Demo Class to experience top-notch training and expert guidance first hand!

Live Online Training (Duration: 32 Hours)
- Guaranteed to run classes as per your convenient time zone
- Industry experienced & certified trainers
- Query Handling session by technical expert after 2 month completion of training
- Custom tailored training as per the requirement
- Exam assistance
- Exam Mock papers
- 100% Quality assurance with certified & industry experienced Trainer
- 4 Hours Week Days

CERTIFICATE: Get Ahead With SpireTec Solutions Training Certificate

Earn your Certificate

Our course is exhaustive and this certificate is proof that you have taken a big leap in mastering the domain.

Differentiate yourself with Masters Certificate

Share your achievement