Training Microsoft

Training goals

code: MS-55610

This 3-day hands-on course helps you get ramped up with Microsoft Sentinel and provides practical experience with product features, capabilities, and scenarios.

During the course you will deploy a Microsoft Sentinel workspace and ingest pre-recorded data to simulate scenarios that showcase various Microsoft Sentinel features.

This course is aimed at IT professionals and Azure administrators who have some experience administering and configuring Azure but want to gain insight into implementing Microsoft’s SIEM/SOAR solution, Microsoft Sentinel.

Course outline

  • Microsoft Sentinel Overview
    • Microsoft Sentinel Overview
    • Data ingestion methods
    • Microsoft Sentinel for MSSPs
    • User and entity behavior analysis
    • Fusion
    • Notebooks
    • Management and automation tools
    • Logs and costs
  • KQL
    • The importance of KQL across Azure
    • User interface (demo)
    • Standard KQL structure
    • Common KQL commands
  • Data connectors
    • Managing content in Microsoft Sentinel
    • Connecting data to Microsoft Sentinel using data connectors
    • Connecting Microsoft services to Microsoft Sentinel
    • Connecting Microsoft 365 Defender to Microsoft Sentinel
    • Connecting Windows hosts to Microsoft Sentinel
    • Connecting Common Event Format logs to Microsoft Sentinel
    • Connecting syslog data sources to Microsoft Sentinel
    • Connecting threat indicators to Microsoft Sentinel
  • Analytic rules
    • Detecting threats using Microsoft Sentinel analytics
    • Automation in Microsoft Sentinel
    • Responding to threats using Microsoft Sentinel playbooks
  • Incident management
    • Incident management overview
    • User and entity behavior analysis
    • Data normalization in Microsoft Sentinel
    • Searching, visualizing, and monitoring data
  • Hunting
    • Threat hunting concepts
    • Threat hunting using Microsoft Sentinel
    • Using hunting queries in Microsoft Sentinel
    • Threat hunting using notebooks
  • Watchlists
    • Prioritizing incidents
    • Importing business data
    • Reducing alert fatigue
    • Enriching event data
  • Threat intelligence
    • Threat intelligence overview
    • Threat intelligence in Microsoft Sentinel

Additional information

Prerequisites
  • Basic conceptual understanding of Microsoft Azure.
  • Experience with Windows 10 devices.
  • Experience with Office 365.
  • Basic understanding of authorization and authentication.
  • Basic understanding of computer networks.
  • Working knowledge of managing mobile devices.
Difficulty level
Duration 3 days
Certificate

Certificate of completing an authorized Microsoft training.

Trainer

Microsoft Certified Trainer.


PRICE 1500 EUR

Language of the training: English

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from any place in the world. It is sufficient to have a computer (or a tablet or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit the dlearning.eu site.


Paper materials

Traditional materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Electronic materials

Electronic materials: These are electronic training materials that are available to you based on your specific application: Skillpipe, eVantage, etc., or as PDF documents.

Ctab materials

Ctab materials: The price includes a ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to the manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.
