Cloud Computing and Virtualisation

Microsoft SC-5001 - Configure SIEM Security Operations using Microsoft Sentinel

  • Length 1 day
  • Price  NZD 995 exc GST
Course overview
View dates &
book now

Why study this course

Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.

This one-day course prepares you for an Applied Skills credential.
For more than 30 years, Microsoft's industry-recognised certifications have provided proof of world-class technical proficiency for in-demand job roles. In today’s ever-changing business environment, there are also times when you need verified project-specific skills. Microsoft Applied Skills is a new verifiable credential that validates that you have the targeted skills needed to implement critical projects aligned to business goals and objectives. Applied Skills gives you a new opportunity to put your skills centre-stage, empowering you to showcase what you can do and what you can bring to key projects in your organisation.

Request Course Information


What you’ll learn

After completing this course, students will be able to:

  • Describe Microsoft Sentinel workspace architecture

  • Install Microsoft Sentinel workspace

  • Create and configure a Microsoft Sentinel workspace

  • Connect Microsoft service connectors

  • Explain how connectors auto-create incidents in Microsoft Sentinel

  • Connect Azure Windows Virtual Machines to Microsoft Sentinel

  • Connect non-Azure Windows hosts to Microsoft Sentinel

  • Configure Log Analytics agent to collect Sysmon events

  • Explain the importance of Microsoft Sentinel Analytics

  • Create rules from templates

  • Create new analytics rules and queries using the analytics rule wizard

  • Manage rules with modifications

  • Explain automation options in Microsoft Sentinel

  • Create automation rules in Microsoft Sentinel

  • Deploy Microsoft Sentinel Content Hub solutions and data connectors

  • Configure Microsoft Sentinel Data Collection rules, NRT Analytic rule and Automation

  • Perform a simulated attack to validate Analytic and Automation rules


Microsoft Solutions Partner - Cloud - Training Services Logo

Microsoft Azure at Lumify Work

Lumify Work has been delivering effective training across all Microsoft products for over 30 years. We are proud to be both Australia's and New Zealand’s first Microsoft Gold Learning Solutions Partner and the winner of the Microsoft MCT Superstars Award for FY24, which formally recognises us as having the highest quality Microsoft Certified Trainers (MCTs) in ANZ. All Lumify Work Microsoft Azure courses follow Microsoft Official Curriculum (MOC) and are led by MCTs.


Who is the course for?

  • Security Engineers

  • Security Operations Analysts


Course subjects

  • Create and manage Microsoft Sentinel workspaces

  • Connect Microsoft services to Microsoft Sentinel

  • Connect Windows hosts to Microsoft Sentinel

  • Threat detection with Microsoft Sentinel analytics

  • Automation in Microsoft Sentinel

  • Configure SIEM security operations using Microsoft Sentinel


Prerequisites

  • Fundamental understanding of Microsoft Azure

  • Basic understanding of Microsoft Sentinel

  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel


Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.


Request Course Information

Select and book a course

December
January
March
April
June
July
September
December

Can't find a date you like?

Contact sales