In this course students will gain the knowledge and skills needed to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security tools.
Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyse large volumes of data across an enterprise—fast. Azure Sentinel aggregates data from all sources, including users, applications, servers and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds.
This course is aimed at SecOps and IT Pros working with the task of an security administrator role. This role collaborates with the Microsoft 365 Enterprise Administrator, business stakeholders and other workload administrators to plan and implement security strategies and ensures that the solutions comply with the policies and regulations of the organization.
Students should have at least one year of hands-on experience securing Azure workloads and experience with security controls for workloads on Azure.
To attend this course you should have the following skills:
Module 1. Security Challenges
Module 2 : Query, visualize, and monitor data in Azure Sentinel
Module 3: Detecting threat using Analytics Rules
Module 4: Incident Management
Module 5. Threat hunting with Azure Sentinel
Module 6: Respond to threat using playbooks
Module 7: Operational Tasks for Azure Sentinel
There is no certification related to this training.