Cloud Computing and Visualisation Category Banner Image

Microsoft SC-5001 - Configure SIEM Security Operations using Microsoft Sentinel

  • Length 1 day
  • Price  NZD 995 exc GST
Course overview
View dates &
book now

Why study this course

Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.

This one-day course prepares you for an Applied Skills credential.
For more than 30 years, Microsoft's industry-recognised certifications have provided proof of world-class technical proficiency for in-demand job roles. In today’s ever-changing business environment, there are also times when you need verified project-specific skills. Microsoft Applied Skills is a new verifiable credential that validates that you have the targeted skills needed to implement critical projects aligned to business goals and objectives. Applied Skills gives you a new opportunity to put your skills centre-stage, empowering you to showcase what you can do and what you can bring to key projects in your organisation.

Request Course Information

What you’ll learn

After completing this course, students will be able to:

  • Describe Microsoft Sentinel workspace architecture

  • Install Microsoft Sentinel workspace

  • Create and configure a Microsoft Sentinel workspace

  • Connect Microsoft service connectors

  • Explain how connectors auto-create incidents in Microsoft Sentinel

  • Connect Azure Windows Virtual Machines to Microsoft Sentinel

  • Connect non-Azure Windows hosts to Microsoft Sentinel

  • Configure Log Analytics agent to collect Sysmon events

  • Explain the importance of Microsoft Sentinel Analytics

  • Create rules from templates

  • Create new analytics rules and queries using the analytics rule wizard

  • Manage rules with modifications

  • Explain automation options in Microsoft Sentinel

  • Create automation rules in Microsoft Sentinel

  • Deploy Microsoft Sentinel Content Hub solutions and data connectors

  • Configure Microsoft Sentinel Data Collection rules, NRT Analytic rule and Automation

  • Perform a simulated attack to validate Analytic and Automation rules

Microsoft Partner Cloud Logo

Microsoft Azure at Lumify Work

Lumify Work is your best choice for training and certification in any of Microsoft’s leading technologies and services. We’ve been delivering effective training across all Microsoft products for over 30 years, and are proud to be Australia's and New Zealand’s first and largest Microsoft Gold Learning Solutions Partner. All Lumify Work Microsoft Azure courses follow Microsoft Official Curriculum (MOC) and are led by Microsoft Certified Trainers. Join more than 5,000 students who attend our quality Microsoft courses every year.

Who is the course for?

  • Security Engineers

  • Security Operations Analysts

Course subjects

  • Create and manage Microsoft Sentinel workspaces

  • Connect Microsoft services to Microsoft Sentinel

  • Connect Windows hosts to Microsoft Sentinel

  • Threat detection with Microsoft Sentinel analytics

  • Automation in Microsoft Sentinel

  • Configure SIEM security operations using Microsoft Sentinel


  • Fundamental understanding of Microsoft Azure

  • Basic understanding of Microsoft Sentinel

  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

Personalise your schedule with Lumify USchedule

Interested in a course that we have not yet scheduled? Get in touch, and ask for your preferred date and time. We can work together to make it happen.