Description
We really hope you’ll agree that this training is way more than the average course on Udemy! You have access to the following:
Training from an instructor of over 20 years who has trained thousands of people and is also a Microsoft Certified Trainer
Lectures that explain the concepts in an easy-to-learn way for someone who is just starting out with this material
Instructor-led hands-on activities and simulations for practice that can be followed even if you have little to no experience
Overview
Section 1: Introduction
Lecture 1 Welcome to the course!
Lecture 2 Understanding the Microsoft Environment
Lecture 3 Foundations of Active Directory Domains
Lecture 4 Foundations of RAS, DMZ, and Virtualization
Lecture 5 Foundations of the Microsoft Cloud Services
Lecture 6 DON'T SKIP: The first thing to know about Microsoft cloud services
Lecture 7 DON'T SKIP: Azure AD is now renamed to Entra ID
Lecture 8 Questions for John Christopher
Section 2: Performing hands-on activities
Lecture 9 DON'T SKIP: Using Assignments (Simulations) in the course
Lecture 10 Creating a free Microsoft 365 Account
Lecture 11 Getting your free Azure credit
Section 3: Understanding and setting up a Microsoft Sentinel Workspace
Lecture 12 Overview of Microsoft Sentinel
Lecture 13 Configuring a Microsoft Sentinel workspace
Lecture 14 Managing roles regarding Sentinel
Lecture 15 Managing log types, log retention, and data storage in Sentinel
Section 4: Working with data connectors and ingestion in Microsoft Sentinel
Lecture 16 Microsoft Sentinel data source identification
Lecture 17 Setting up connectors for ingesting data into Microsoft Sentinel
Lecture 18 Connecting Sentinel with Microsoft 365 Defender and Defender for Cloud
Lecture 19 Common Event Format (CEF) and Syslog event collections
Lecture 20 Windows Security Event Collection setup in Microsoft Sentinel
Lecture 21 Managing threat intelligence connectors in Microsoft Sentinel
Lecture 22 Working with custom log tables
Section 5: Using analytics rules in Microsoft Sentinel
Lecture 23 Understanding analytics rules in Microsoft Sentinel
Lecture 24 Fusion rule configuration
Lecture 25 Security analytics rules
Lecture 26 Working with scheduled query rules in Microsoft Sentinel
Lecture 27 Custom scheduled query rules
Lecture 28 Working with near-real-time (NRT) analytics rules
Lecture 29 Content hub analytics rules
Lecture 30 Watchlists in Microsoft Sentinel
Lecture 31 Threat indicators in Microsoft Sentinel
Section 6: Classification, normalization & security orchestration automated response (SOAR)
Lecture 32 Using entities for classifying and analyzing data
Lecture 33 Advanced Security Information Model (ASIM) queries with Microsoft Sentinel
Lecture 34 ASIM parser management
Lecture 35 Using automation rules
Lecture 36 Using playbooks in Microsoft Sentinel
Lecture 37 Automation rule triggering using analytic rules
Lecture 38 Alert and incident playbook triggering
Section 7: Dealing with Incidents and Workbooks for analysis and interpretation of data
Lecture 39 Incident generation in Microsoft Sentinel
Lecture 40 Understanding the concepts of triaging incidents in Sentinel
Lecture 41 Microsoft Sentinel incident investigation
Lecture 42 How to respond to Microsoft Sentinel incidents
Lecture 43 Multi-workspace incident investigation
Lecture 44 Workbook template customization and management
Lecture 45 Implementing custom workbooks in Microsoft Sentinel
Lecture 46 Working with advanced visualizations
Section 8: Threat hunting and entity behavior analytics in Microsoft Sentinel
Lecture 47 MITRE ATT&CK attack vectors in Microsoft Sentinel
Lecture 48 Using hunting queries from the content gallery
Lecture 49 Hunting query customization
Lecture 50 Data investigations with hunting bookmarks
Lecture 51 Using Livestream to monitor hunting queries
Lecture 52 How archived log data can be retrieved in Microsoft Sentinel
Lecture 53 Search job management in Microsoft Sentinel
Lecture 54 Entity Behavior Analytics settings
Lecture 55 Entity page investigation of threats
Lecture 56 Anomaly detection analytics rules in Microsoft Sentinel
Section 9: Conclusion
Lecture 57 Cleaning up your lab environment
Lecture 58 Getting a Udemy certificate
Lecture 59 BONUS Where do I go from here?