
Microsoft SC-5001 - Configure SIEM Security Operations using Microsoft Sentinel

  • Length: 1 day
  • Price: $990 inc GST

Why study this course

Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.

Microsoft Applied Skills
For more than 30 years, Microsoft's industry-recognised certifications have provided proof of world-class technical proficiency for in-demand job roles. In today’s ever-changing business environment, there are also times when you need verified project-specific skills. Microsoft Applied Skills is a new verifiable credential that validates that you have the targeted skills needed to implement critical projects aligned to business goals and objectives. Applied Skills gives you a new opportunity to put your skills center stage, empowering you to showcase what you can do and what you can bring to key projects in your organisation. Prepare for your Applied Skills credential with this one-day, instructor-led training course.



What you’ll learn

After completing this course, students will be able to:

  • Describe Microsoft Sentinel workspace architecture

  • Install Microsoft Sentinel workspace

  • Create and configure a Microsoft Sentinel workspace

  • Connect Microsoft service connectors

  • Explain how connectors auto-create incidents in Microsoft Sentinel

  • Connect Azure Windows Virtual Machines to Microsoft Sentinel

  • Connect non-Azure Windows hosts to Microsoft Sentinel

  • Configure Log Analytics agent to collect Sysmon events

  • Explain the importance of Microsoft Sentinel Analytics

  • Create rules from templates

  • Create new analytics rules and queries using the analytics rule wizard

  • Manage rules with modifications

  • Explain automation options in Microsoft Sentinel

  • Create automation rules in Microsoft Sentinel

  • Deploy Microsoft Sentinel Content Hub solutions and data connectors

  • Configure Microsoft Sentinel Data Collection rules, NRT Analytic rule and Automation

  • Perform a simulated attack to validate Analytic and Automation rules



Microsoft Azure at Lumify Work

Lumify Work is your best choice for training and certification in any of Microsoft’s leading technologies and services. We’ve been delivering effective training across all Microsoft products for over 30 years, and are proud to be Australia's and New Zealand’s first and largest Microsoft Gold Learning Solutions Partner. All Lumify Work Microsoft Azure courses follow Microsoft Official Curriculum (MOC) and are led by Microsoft Certified Trainers. Join more than 5,000 students who attend our quality Microsoft courses every year.


Who is the course for?

  • Security Engineers

  • Security Operations Analysts


Course subjects

  • Create and manage Microsoft Sentinel workspaces

  • Connect Microsoft services to Microsoft Sentinel

  • Connect Windows hosts to Microsoft Sentinel

  • Threat detection with Microsoft Sentinel analytics

  • Automation in Microsoft Sentinel

  • Configure SIEM security operations using Microsoft Sentinel


Prerequisites

  • Fundamental understanding of Microsoft Azure

  • Basic understanding of Microsoft Sentinel

  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel


Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.



Personalise your schedule with Lumify USchedule

Interested in a course that we have not yet scheduled? Get in touch, and ask for your preferred date and time. We can work together to make it happen.



Offers

  • Continue your learning experience online with Lumify Plus
    Lumify Plus (formerly DDLS Plus) is your online learning pathway to extend knowledge beyond courses. Get resources to help you practice what you learned and prepare for future courses, exams and certifications.
  • Microsoft Azure and 365 Teams Course Bundles
    Introducing the latest offers on Microsoft Azure and 365 Teams courses. Read the full details below and get Microsoft Certified.
  • Microsoft Azure Developer & DOI DevOps Foundation Bundle
    This bundle brings together two globally recognised and sought-after courses to set you apart from the rest and give you the edge you need to advance your career.