Explore digital courses

Connect logs to Microsoft Sentinel

Modules in this learning path:

• Connect Data to Azure Sentinel with Data Connectors
• Connect Microsoft Services to Azure Sentinel
• Connect Microsoft Defender 365 to Azure Sentinel
• Connect Windows Hosts to Azure Sentinel
• Connect Common Event Format Cef Logs to Azure Sentinel
• Connect Syslog Data Sources to Azure Sentinel
• Connect Threat Indicators to Azure Sentinel

Products: Azure, Azure Log Analytics, Microsoft Sentinel

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Cloud Security

Duration: 184 minutes

Connect non-Azure resources to Microsoft Defender for Cloud

Units in this learning path:

• Introduction
• Protect Resources
• Azure Resources
• Connect Your Aws Accounts
• Connect Your Gcp Accounts
• Knowledge Check
• Summary Resources

Products: Azure, Azure Arc, Defender For Cloud

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Cloud Security

Duration: 44 minutes

Connect syslog data sources to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Syslog Connector
• Collect Data from Linux Based Sources Using Syslog
• Configure Log Analytics Agent
• Parse Syslog Data
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Sentinel, Azure Log Analytics, Azure Monitor

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection

Duration: 28 minutes

Connect threat indicators to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Threat Intelligence Connectors
• Defender Threat Intelligence Connector
• Intelligence Taxii Connector
• Intelligence Upload API Connector
• View Your Threat Indicators
• Knowledge Check
• Summary Resources

Products: Microsoft Defender, Microsoft Sentinel, Defender For Threat Intelligence

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Security, Cloud Security, Threat Protection

Duration: 33 minutes

Construct KQL statements for Microsoft Sentinel

Units in this learning path:

• Introduction
• Understand Kql Statement Structure
• Use Search Operator
• Use Where Operator
• Use Let Statement
• Use Extend Operator
• Use Order by Operator
• Use Project Operators
• Knowledge Check
• Summary Resources

Products: Defender Xdr, Azure Data Explorer, Azure Log Analytics, Microsoft Sentinel

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection

Duration: 36 minutes

Data-flow diagrams are graphical representations of your system and should specify each element, their interactions, and context.

Units in this learning path:

• 1 Introduction
• 1b Elements
• 2 Process the Task Element
• 3 Data Store the Storage Element
• 4 External Entity the No Control Element
• 5 Data Flow the Data in Transit Element
• 6 Trust Boundary the Trust Zone Change Element
• 7 Summary

Products: Azure, Defender For Cloud, M365 Security Center, Defender For Cloud Apps

Roles: Administrator, Developer, Devops Engineer, Security Engineer, Solution Architect

Level: Beginner

Subjects: Threat Protection

Duration: 42 minutes

This credential earner demonstrated their applied knowledge in creating and implementing security measures for a technology company. The earner has implemented essential security controls, identified common threats and attacks, and understood data and access controls. The earner will build and develop their transferable skills and gain real industry experience.

Microsoft Purview sensitivity labels enable you to classify and protect sensitive data throughout your organization, including in the cloud and on devices. This module covers how to classify and protect sensitive information to ensure its security and compliance.

Units in this learning path:

• Introduction
• Information Protection Overview
• Configure Sensitivity Labels
• Configure Sensitivity Label Encryption
• Configure Auto Labeling Policies
• Manage Monitor Remediate
• Knowledge Check
• Summary

Products: Microsoft Purview, M365, Office 365

Roles: Administrator

Level: Intermediate

Subjects: Information Protection Governance

Duration: 54 minutes

Create and manage Insider Risk Management policies.

Units in this learning path:

• Introduction
• Policy Templates
• Compare Quick Custom Policies
• Create Custom Insider Risk Policy
• Manage Insider Risk Policy
• Knowledge Check
• Summary

Products: Microsoft Purview, M365

Roles: Auditor, Administrator, Risk Practitioner

Level: Intermediate

Subjects: Information Protection Governance, Security

Duration: 36 minutes

Create and manage Microsoft Sentinel workspaces

Units in this learning path:

• Introduction
• Plan for Workspace
• Create Workspace
• Manage Workspaces Across Tenants Using Azure Lighthouse
• Understand Permissions Roles
• Settings
• Configure Logs
• Knowledge Check
• Summary Resources

Products: Microsoft Defender, Microsoft Sentinel, Azure Log Analytics

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection, Cloud Security

Duration: 41 minutes

Create and manage eDiscovery cases.

Units in this learning path:

• Introduction
• Ediscovery Prerequisites
• Create Manage Ediscovery Case
• Case Access Permissions
• Configure Case Settings
• Knowledge Check
• Summary

Products: Microsoft Purview, M365

Roles: Administrator, Auditor

Level: Intermediate

Subjects: Security, Compliance

Duration: 31 minutes

Create and manage sensitive information types.

Units in this learning path:

• Introduction
• Sensitive Info Type Overview
• Compare Built Versus Custom
• Create Manage Custom
• Describe Custom with Exact Data Match
• Implement Document Fingerprinting
• Describe Named Entities
• Create Keyword Dictionary
• Knowledge Check
• Summary Resources

Products: M365

Roles: Auditor, Ip Admin, Risk Practitioner

Level: Intermediate

Subjects: Information Protection Governance

Duration: 67 minutes