Microsoft Sentinel course with hands on sims for beginners

سرفصل های دوره

Learn how to expertly administer Microsoft Sentinel (including SOAR and SIEM) with hands on experience!

1 - Introduction

1 - Welcome to the course

2 - Understanding the Microsoft Environment

3 - Foundations of Active Directory Domains

4 - Foundations of RAS DMZ and Virtualization

5 - Foundations of the Microsoft Cloud Services

6 - DONT SKIP The first thing to know about Microsoft cloud services

7 - DONT SKIP Azure AD is now renamed to Entra ID

8 - Questions for John Christopher

2 - Performing hands on activities

9 - DONT SKIP Using Assignments Simulations in the course

10 - Creating a free Microsoft 365 Account

11 - Getting your free Azure credit

3 - Understanding and setting up a Microsoft Sentinel Workspace

12 - Microsoft-Sentinel.pdf

12 - Overview of Microsoft Sentinel

13 - Configuring a Microsoft Sentinel workspace

14 - Managing roles regarding Sentinel

15 - Managing log types log retention and data storage in Sentinel

4 - Working with data connectors and ingestion in Microsoft Sentinel

16 - Microsoft Sentinel data source identification

16 - identify-data-sources-to-be-ingested-for-microsoft-sentinel.zip

17 - Setting up connectors for ingesting data into Microsoft Sentinel

18 - Connecting Sentinel with Microsoft 365 Defender and Defender for Cloud

19 - Common Event Format CEF and Syslog event collections

20 - Windows Security Event Collection setup in Microsoft Sentinel

21 - Managing threat intelligence connectors in Microsoft Sentinel

22 - Working with custom log tables

22 - sample.zip

5 - Using analytics rules in Microsoft Sentinel

23 - Sentinel-Analytics-Rules.pdf

23 - Understanding analytics rules in Microsoft Sentinel

24 - Fusion rule configuration

25 - Security analytics rules

26 - Working with scheduled query rules in Microsoft Sentinel

27 - Custom scheduled query rules

27 - KQL-custom-scheduled-query.txt

28 - KQL-NRT-rule.txt

28 - Working with nearrealtime NRT analytics rules

29 - Content hub analytics rules

30 - Watchlists in Microsoft Sentinel

30 - watchlist-sample.csv

31 - Threat indicators in Microsoft Sentinel

6 - Classification normalization security orchestration automated response SOAR

32 - Working with using entities for classifying and analyzing data

33 - Advanced Security Information ModelASIM queries with Microsoft Sentinel

33 - Advanced-Security-Information-Model-ASIM.pdf

34 - ASIM parser management

34 - ASIM-example.txt

35 - Using automation rules

36 - Using playbooks in Microsoft Sentinel

37 - Automation rule triggering using analytic rules

38 - Alert and incident playbook triggering

7 - Dealing with Incidents and Workbooks for analyzes and interpretation of data

39 - Incident generation in Microsoft Sentinel

40 - Understanding the concepts of triaging incidents in Sentinel

41 - Microsoft Sentinel incident investigation

42 - How to respond to Microsoft Sentinel incidents

43 - Multiworkspace incident investigation

44 - Workbook template customization and management

45 - Implementing custom workbooks in Microsoft Sentinel

46 - Working with advanced visualizations

8 - Threat hunting and entity behavior analytics in Microsoft Sentinel

47 - MITRE ATTCK attack vectors in Microsoft Sentinel

48 - Using hunting queries from the content gallery

49 - Hunting query customization

50 - Data investigations with hunting bookmarks

51 - Using Livestream to monitor hunting queries

52 - How archived log data can be retrieved in Microsoft Sentinel

53 - Search job management in Microsoft Sentinel

54 - Entity Behavior Analytics settings

55 - Entity page investigation of threats

56 - Anomaly detection analytics rules in Microsoft Sentinel

56 - KQL-Anomaly-Rule.txt

9 - Conclusion

57 - Cleaning up your lab environment

58 - Getting a Udemy certificate

59 - BONUS Where do I go from here

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy