Cloud Computing & Virtualisation - Category Banner

Microsoft SC-5001 - Configure SIEM Security Operations using Microsoft Sentinel

Length 1 day
Price NZD 995 exc GST

Course overview

View dates &
book now

Course locations >>

Why study this course

Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.

This one-day course prepares you for an Applied Skills credential.
For more than 30 years, Microsoft's industry-recognised certifications have provided proof of world-class technical proficiency for in-demand job roles. In today’s ever-changing business environment, there are also times when you need verified project-specific skills. Microsoft Applied Skills is a new verifiable credential that validates that you have the targeted skills needed to implement critical projects aligned to business goals and objectives. Applied Skills gives you a new opportunity to put your skills centre-stage, empowering you to showcase what you can do and what you can bring to key projects in your organisation.

Request Course Information

What you’ll learn

After completing this course, students will be able to:

Describe Microsoft Sentinel workspace architecture
Install Microsoft Sentinel workspace
Create and configure a Microsoft Sentinel workspace
Connect Microsoft service connectors
Explain how connectors auto-create incidents in Microsoft Sentinel
Connect Azure Windows Virtual Machines to Microsoft Sentinel
Connect non-Azure Windows hosts to Microsoft Sentinel
Configure Log Analytics agent to collect Sysmon events
Explain the importance of Microsoft Sentinel Analytics
Create rules from templates
Create new analytics rules and queries using the analytics rule wizard
Manage rules with modifications
Explain automation options in Microsoft Sentinel
Create automation rules in Microsoft Sentinel
Deploy Microsoft Sentinel Content Hub solutions and data connectors
Configure Microsoft Sentinel Data Collection rules, NRT Analytic rule and Automation
Perform a simulated attack to validate Analytic and Automation rules

Microsoft Azure at Lumify Work

Lumify Work has been delivering effective training across all Microsoft products for over 30 years. We are proud to be both Australia's and New Zealand’s first Microsoft Gold Learning Solutions Partner and the winner of the Microsoft MCT Superstars Award for FY24, which formally recognises us as having the highest quality Microsoft Certified Trainers (MCTs) in ANZ. All Lumify Work Microsoft Azure courses follow Microsoft Official Curriculum (MOC) and are led by MCTs.

View all Microsoft Azure courses

Who is the course for?

Security Engineers
Security Operations Analysts

Course subjects

Create and manage Microsoft Sentinel workspaces
Connect Microsoft services to Microsoft Sentinel
Connect Windows hosts to Microsoft Sentinel
Threat detection with Microsoft Sentinel analytics
Automation in Microsoft Sentinel
Configure SIEM security operations using Microsoft Sentinel

Prerequisites

Fundamental understanding of Microsoft Azure
Basic understanding of Microsoft Sentinel
Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.