Enhance Cybersecurity with Microsoft Sentinel: Configure SIEM Operations effectively.
Strengthen your organization’s security posture by mastering Security Information and Event Management (SIEM) operations using Microsoft Sentinel. This Microsoft Applied Skills course is designed for IT and security professionals looking to enhance their skills in threat detection, automated response, and real-time analysis.
Learn to configure Sentinel for comprehensive security monitoring and incident management, ensuring that your network is protected from advanced threats.
Microsoft Applied Skills – the new credentials to verify in-demand technical skills. Get trained and certified with Microsoft Malaysia’s Learning Partner of the Year 2024 today.

Overview
Real skills for real-time results with Microsoft Applied Skills credentials.
Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.
Skills Covered
- Create and manage Microsoft Sentinel workspaces
- Connect Microsoft services to Microsoft Sentinel
- Connect Windows hosts to Microsoft Sentinel
- Threat detection with Microsoft Sentinel analytics
- Automation in Microsoft Sentinel
- Configure SIEM security operations using Microsoft Sentinel
Prerequisites
- Fundamental understanding of Microsoft Azure
- Basic understanding of Microsoft Sentinel
- Experience using Kusto Query Language (KQL) in Microsoft Sentinel
Target Audience
- Security Operations Analyst

Module 1: Create and manage Microsoft Sentinel workspaces
Learn about the architecture of Microsoft Sentinel workspaces to ensure you configure your system to meet your organization’s security operations requirements.
Learning objectives
Upon completion of this module, the learner will be able to:
- Describe Microsoft Sentinel workspace architecture
- Install Microsoft Sentinel workspace
- Manage a Microsoft Sentinel workspace
Prerequisites
Basic experience with Azure services
Module 2: Connect Microsoft services to Microsoft Sentinel
Learn how to connect Microsoft 365 and Azure service logs to Microsoft Sentinel.
Learning objectives
Upon completion of this module, the learner will be able to:
- Connect Microsoft service connectors
- Explain how connectors auto-create incidents in Microsoft Sentinel
Prerequisites
Basic experience with Azure services
Module 3: Connect Windows hosts to Microsoft Sentinel
One of the most common logs to collect is Windows security events. Learn how Microsoft Sentinel makes this easy with the Security Events connector.
Learning objectives
Upon completion of this module, the learner will be able to:
- Connect Azure Windows Virtual Machines to Microsoft Sentinel
- Connect non-Azure Windows hosts to Microsoft Sentinel
- Configure the Log Analytics agent to collect Sysmon events
Prerequisites
Basic knowledge of operational concepts such as monitoring, logging, and alerting.
Module 4: Threat detection with Microsoft Sentinel analytics
In this module, you will learn how Microsoft Sentinel Analytics can help the SecOps team identify and stop cyberattacks.
Learning objectives
In this module, you will:
- Explain the importance of Microsoft Sentinel Analytics.
- Explain different types of analytics rules.
- Create rules from templates.
- Create new analytics rules and queries using the analytics rule wizard.
- Manage rules with modifications.
Prerequisites
- Basic knowledge of Azure services
- Basic knowledge of operational concepts, such as monitoring, logging, and alerting
- Azure subscription
- Microsoft Sentinel instance in your Azure subscription
Module 5: Automation in Microsoft Sentinel
By the end of this module, you’ll be able to use automation rules in Microsoft Sentinel to automate incident management.
Learning objectives
After completing this module, you’ll be able to:
- Explain automation options in Microsoft Sentinel
- Create automation rules in Microsoft Sentinel
Prerequisites
None
Module 6: Configure SIEM security operations using Microsoft Sentinel
In this module, you will learn how to configure SIEM security operations using Microsoft Sentinel.
Learning objectives
Upon completion of this module, the learner is able to:
- Create and configure a Microsoft Sentinel workspace
- Deploy Microsoft Sentinel Content Hub solutions and data connectors
- Configure Microsoft Sentinel data collection rules, a near-real-time (NRT) analytics rule, and automation
- Perform a simulated attack to validate analytics and automation rules
Prerequisites
- Basic experience with Azure services
- Basic knowledge of operational concepts, such as monitoring, logging, and alerting
- An Azure subscription
Dates & Locations
July 14, 2026 - July 14, 2026
October 13, 2026 - October 13, 2026

Exam & Certification
To earn this Microsoft Applied Skills credential, learners demonstrate the ability to set up and configure Microsoft Sentinel.
Candidates for this credential should be familiar with Microsoft Security, compliance, and identity products; the Azure portal; and Azure administration, including role-based access control (RBAC).
Tasks performed
- Create and configure a Microsoft Sentinel workspace
- Deploy a Microsoft Sentinel content hub solution
- Configure analytics rules in Microsoft Sentinel
- Configure automation in Microsoft Sentinel
Speak to a Training Consultant
All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631