Microsoft SC-5001 - Configure SIEM Security Operations using Microsoft Sentinel

  • Length 1 day
  • Price $990 inc GST

Why study this course

Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.


What you’ll learn

After completing this course, students will be able to:

  • Describe Microsoft Sentinel workspace architecture

  • Install Microsoft Sentinel workspace

  • Create and configure a Microsoft Sentinel workspace

  • Connect Microsoft service connectors

  • Explain how connectors auto-create incidents in Microsoft Sentinel

  • Connect Azure Windows Virtual Machines to Microsoft Sentinel

  • Connect non-Azure Windows hosts to Microsoft Sentinel

  • Configure Log Analytics agent to collect Sysmon events

  • Explain the importance of Microsoft Sentinel Analytics

  • Create rules from templates

  • Create new analytics rules and queries using the analytics rule wizard

  • Manage rules with modifications

  • Explain automation options in Microsoft Sentinel

  • Create automation rules in Microsoft Sentinel

  • Deploy Microsoft Sentinel Content Hub solutions and data connectors

  • Configure Microsoft Sentinel Data Collection rules, NRT Analytic rule and Automation

  • Perform a simulated attack to validate Analytic and Automation rules


Microsoft Azure at Lumify Work

As part of Lumify Group, Lumify Work has skilled more people in Microsoft technologies than any other organisation in Australia and New Zealand. We have a campus in the Philippines, too. We offer the broadest range of instructor-led training courses, from end user to architect level. We are proud to be the winner of the Microsoft MCT Superstars Award for FY24, which formally recognises us as having the highest quality Microsoft Certified Trainers in ANZ.


Who is the course for?

  • Security Engineers

  • Security Operations Analysts


Course subjects

  • Create and manage Microsoft Sentinel workspaces

  • Connect Microsoft services to Microsoft Sentinel

  • Connect Windows hosts to Microsoft Sentinel

  • Threat detection with Microsoft Sentinel analytics

  • Automation in Microsoft Sentinel

  • Configure SIEM security operations using Microsoft Sentinel


Prerequisites

  • Fundamental understanding of Microsoft Azure

  • Basic understanding of Microsoft Sentinel

  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel



Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.


