From the course: Microsoft Security Operations Analyst Associate (SC-200) Exam Tips
Join today to access over 23,100 courses taught by industry experts.
Demo: Microsoft Sentinel analytics and automation
From the course: Microsoft Security Operations Analyst Associate (SC-200) Exam Tips
Demo: Microsoft Sentinel analytics and automation
- [Instructor] We're back in the Microsoft Sentinel overview page and in this exercise we are going to go through a little bit around looking at the analytics and security operations that go along with Microsoft Sentinel as part of a source solution. So let's go down and we're going to look into the configuration and in here we're going to go beyond just the data connectors and we're going to think about, okay, what do we have connected in here? And we're going to look at some analytics around it. And you can see, we already have noted a potential multi-stage attack in a fusion rule type and we can go in here and we can review what might be taking place within our environment. And what we can also do within these analytics and what we do with this information is we can find more content in Content hub for different print analysis that we may want to do. We can also create some levels of automation around what we have…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
Design and configure a Microsoft Sentinel workspace3m 49s
-
(Locked)
Implement data connectors for Microsoft Sentinel3m 16s
-
(Locked)
Demo: Microsoft Sentinel setup demo5m 30s
-
(Locked)
Microsoft Sentinel analytics rules, queries, and alerts3m 51s
-
(Locked)
Microsoft Sentinel orchestration and automation3m 40s
-
(Locked)
Demo: Microsoft Sentinel analytics and automation2m 43s
-
(Locked)
-
-