SC-200 Microsoft Security Operations Analyst, Part 9 of 9: Microsoft Sentinel Threat Hunting
with expert Cristian Calinescu
Course description
The SC-200 Microsoft Security Operations Analyst exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender (25-30%); mitigate threats using Microsoft Defender for Cloud (25-30%); and mitigate threats using Microsoft Sentinel (40-45%).
This course covers threat hunting in Microsoft Sentinel.
Prerequisites
- Basic understanding of the Microsoft 365 environment and its security, compliance and identity products
- Windows 10/11
- Familiarity with Azure services, databases and storage
- Basic understanding of scripting concepts
Meet the expert
Cristian Calinescu is a Microsoft certified Azure Solutions Architect Expert, Senior Infrastructure Engineer and Infrastructure Security Operations Manager.
Course outline
Module 12
Threat Hunting Concepts in Microsoft Sentinel (31:26)
- Introduction (00:08)
- Threat Hunting Concepts in Microsoft Sentinel (01:04)
- Cybersecurity Threat Hunting (04:30)
- Develop Threat Hunting Hypothesis (03:58)
- Threat Hunting with Microsoft Sentinel (00:27)
- Hunt Using Built-in Queries (01:41)
- Demo: Queries (05:06)
- Observe Threats Over Time (01:55)
- Demo: Observe Threats (01:37)
- Notebooks in Microsoft Sentinel (00:27)
- Hunt with Notebooks (05:02)
- Create a Notebook (01:28)
- Demo: Create Notebook (00:54)
- Explore Notebook (02:56)
- Summary (00:08)