From the course: Microsoft Security Operations Analyst Associate (SC-200) Exam Tips
Design and configure a Microsoft Sentinel workspace
- [Instructor] Microsoft Sentinel is a scalable cloud-native security information event management, or a SIEM, and security orchestration automation response, or SOAR, solution. Microsoft Sentinel provides the full view across the company to recognize increasingly sophisticated attacks, increasing volumes of alerts, and long resolution timeframes, making your company more efficient in responding to and eliminating threats. For context, a security information event management, or SIEM, is a solution within a security operation center that gathers logs and events from various applications and software within an information technology infrastructure. These SIEM solutions then review the logs and events for potential threats by searching for behavior that is not typical to best practices or may be seen as anomalous, or atypical. The benefit of having and utilizing a SIEM is that without one, security operations personnel would…
Contents
- Design and configure a Microsoft Sentinel workspace (3m 49s)
- Implement data connectors for Microsoft Sentinel (3m 16s)
- Demo: Microsoft Sentinel setup demo (5m 30s)
- Microsoft Sentinel analytics rules, queries, and alerts (3m 51s)
- Microsoft Sentinel orchestration and automation (3m 40s)
- Demo: Microsoft Sentinel analytics and automation (2m 43s)