
SC-200 Microsoft Security Operations Analyst, Part 8 of 9: Detection with Microsoft Sentinel

with expert Cristian Calinescu




Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/25/2022
Level Advanced
Runtime 1h 27m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code Included
Exams Included





Course description

The SC-200 Microsoft Security Operations Analyst exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender (25-30%); mitigate threats using Microsoft Defender for Cloud (25-30%); and mitigate threats using Microsoft Sentinel (40-45%). This course covers detection and investigation using Microsoft Sentinel.

Prerequisites

Basic understanding of the Microsoft 365 environment and of security, compliance and identity products; familiarity with Windows 10/11 and with Azure services, databases and storage; basic understanding of scripting concepts.

Meet the expert

Cristian Calinescu is a Microsoft certified Azure Solutions Architect Expert, Senior Infrastructure Engineer and Infrastructure Security Operations Manager.

Course outline



Module 11

Threat Detection with Microsoft Sentinel Analytics (38:31)
  • Introduction (00:08)
  • Threat Detection with Microsoft Sentinel Analytics (00:57)
  • Sentinel Analytics (04:07)
  • Types of Analytics Rules (01:06)
  • Fusion Alerts (04:10)
  • Types of Analytics Rules (01:42)
  • Demo: Create Analytical Rule (10:06)
  • Security Incident Management in Microsoft Sentinel (00:19)
  • Key concepts (03:10)
  • Explain Evidence and Entities (04:16)
  • Investigate Incidents (01:17)
  • Demo: Incidents (07:01)
  • Summary (00:08)
Threat Response with Microsoft Sentinel Playbooks (26:33)
  • Introduction (00:08)
  • Threat Response with Microsoft Sentinel Playbooks (06:46)
  • Create Logic App (00:38)
  • Demo: Playbook (18:52)
  • Summary (00:08)
Entity Behaviour Analytics in Microsoft Sentinel (22:29)
  • Introduction (00:08)
  • Entity Behaviour Analytics in Microsoft Sentinel (00:54)
  • Architecture Overview (03:37)
  • Security Driven Analytics (04:33)
  • Demo: Entities Timeline (02:39)
  • Workbooks in Microsoft Sentinel (00:36)
  • Sentinel Workbooks (01:00)
  • Demo: Sentinel Workbooks (08:51)
  • Summary (00:08)