629 courses available
Microsoft
Connect Microsoft services to Microsoft Sentinel
Cyber Security
Units in this learning path:
• Introduction
• Plan for Connectors
• Connect Office 365 Connector
• Connect Azure Active Directory Connector
• Connect Azure Active Directory Identity Protection Connector
• Connect Azure Activity Connector
• Knowledge Check
• Summary Resources
Products: Azure, Microsoft Sentinel, Entra ID, Defender XDR
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Cloud Security
Duration: 26 minutes
Microsoft
Connect Windows hosts to Microsoft Sentinel
Cyber Security
Units in this learning path:
• Introduction
• Plan for Security Events Connector
• Configure Data Collection Rules
• Connect Windows Hosts
• Collect Sysmon Event Logs
• Knowledge Check
• Summary Resources
Products: Azure, Microsoft Sentinel, Windows Security, Sysinternals, Azure Policy
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Threat Protection
Duration: 26 minutes
Microsoft
Connect data to Microsoft Sentinel using data connectors
Cyber Security
Units in this learning path:
• Introduction
• Ingest Log Data
• Understand Data Connector Providers
• View Connected Hosts
• Knowledge Check
• Summary Resources
Products: Azure, Microsoft Defender, Microsoft Sentinel, Azure Log Analytics
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Threat Protection
Duration: 22 minutes
Microsoft
Connect logs to Microsoft Sentinel
Cyber Security
Modules in this learning path:
• Connect Data to Azure Sentinel with Data Connectors
• Connect Microsoft Services to Azure Sentinel
• Connect Microsoft Defender 365 to Azure Sentinel
• Connect Windows Hosts to Azure Sentinel
• Connect Common Event Format (CEF) Logs to Azure Sentinel
• Connect Syslog Data Sources to Azure Sentinel
• Connect Threat Indicators to Azure Sentinel
Products: Azure, Azure Log Analytics, Microsoft Sentinel
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Cloud Security
Duration: 184 minutes
Microsoft
Connect non-Azure resources to Microsoft Defender for Cloud
Cyber Security
Units in this learning path:
• Introduction
• Protect Resources
• Azure Resources
• Connect Your AWS Accounts
• Connect Your GCP Accounts
• Knowledge Check
• Summary Resources
Products: Azure, Azure Arc, Defender for Cloud
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Cloud Security
Duration: 44 minutes
Microsoft
Connect syslog data sources to Microsoft Sentinel
Cyber Security
Units in this learning path:
• Introduction
• Plan for Syslog Connector
• Collect Data from Linux-Based Sources Using Syslog
• Configure Log Analytics Agent
• Parse Syslog Data
• Knowledge Check
• Summary Resources
Products: Azure, Microsoft Sentinel, Azure Log Analytics, Azure Monitor
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Threat Protection
Duration: 28 minutes
Microsoft
Connect threat indicators to Microsoft Sentinel
Cyber Security
Units in this learning path:
• Introduction
• Plan for Threat Intelligence Connectors
• Defender Threat Intelligence Connector
• Intelligence TAXII Connector
• Intelligence Upload API Connector
• View Your Threat Indicators
• Knowledge Check
• Summary Resources
Products: Microsoft Defender, Microsoft Sentinel, Defender for Threat Intelligence
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Security, Cloud Security, Threat Protection
Duration: 33 minutes
Microsoft
Construct KQL statements for Microsoft Sentinel
Cyber Security
Units in this learning path:
• Introduction
• Understand KQL Statement Structure
• Use Search Operator
• Use Where Operator
• Use Let Statement
• Use Extend Operator
• Use Order by Operator
• Use Project Operators
• Knowledge Check
• Summary Resources
Products: Defender XDR, Azure Data Explorer, Azure Log Analytics, Microsoft Sentinel
Roles: Security Operations Analyst
Level: Intermediate
Subjects: Threat Protection
Duration: 36 minutes
Microsoft
Control access to your APIs with Azure API Management
Cyber Security
Units in this learning path:
• 1 Introduction
• Understand APIM
• 2 Create Subscriptions in APIM
• 3 Exercise Create Subscriptions in APIM
• 4 Secure Access Client Certs
• 5 Exercise Secure Access Client Certs
• 6 Summary
Products: Azure, Azure API Management
Roles: Solution Architect, Developer, Security Engineer
Level: Intermediate
Subjects: Identity Access
Duration: 55 minutes
Microsoft
Create a threat model using data-flow diagram elements
Cyber Security
Units in this learning path:
• 1 Introduction
• 1b Elements
• 2 Process the Task Element
• 3 Data Store the Storage Element
• 4 External Entity the No Control Element
• 5 Data Flow the Data in Transit Element
• 6 Trust Boundary the Trust Zone Change Element
• 7 Summary
Products: Azure, Defender for Cloud, M365 Security Center, Defender for Cloud Apps
Roles: Administrator, Developer, DevOps Engineer, Security Engineer, Solution Architect
Level: Beginner
Subjects: Threat Protection
Duration: 42 minutes
IBM
Create and Implement Security Controls
Cyber Security
Microsoft
Create and configure sensitivity labels with Microsoft Purview
Cyber Security
Units in this learning path:
• Introduction
• Information Protection Overview
• Configure Sensitivity Labels
• Configure Sensitivity Label Encryption
• Configure Auto Labeling Policies
• Manage Monitor Remediate
• Knowledge Check
• Summary
Products: Microsoft Purview, M365, Office 365
Roles: Administrator
Level: Intermediate
Subjects: Information Protection Governance
Duration: 54 minutes