Eccentrix - Trainings catalog - Microsoft - Security - Configure SIEM security operations using Microsoft Sentinel (SC-5001)

Configure SIEM security operations using Microsoft Sentinel (SC-5001)

Name: Microsoft Sentinel SIEM training | SC-5001 | Eccentrix
Availability: InStock

Get started with Microsoft Sentinel security operations by configuring the Microsoft Sentinel workspace, connecting Microsoft services and Windows security events to Microsoft Sentinel, configuring Microsoft Sentinel analytics rules, and responding to threats with automated responses.

Related trainings

Microsoft Certified: Security Operations Analyst Associate (SC200)
Enhance security operations by using Microsoft Security Copilot (SC-5006)
Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls (SC-5002)
Microsoft Certified: Identity and Access Administrator Associate (SC300)

Exclusives

Technical lab: Available for 180 days of online access
Class material: Complete and up to date with Microsoft Learn
Proof of attendance: Digital badge for completing the official Microsoft course
Fast and guaranteed schedule: Maximum wait of 4 to 6 weeks after participant registrations, guaranteed date

Private class

Reserve this training exclusively for your organization with pricing adapted to the number of participants. Our pricing for private classes varies according to the size of your group, with a guaranteed minimum threshold to maintain pedagogical quality.

Volume-based pricing discount according to the number of participants
Training delivered in an environment dedicated to your team
Scheduling flexibility according to your availability
Enhanced interaction among colleagues from the same organization
Same exclusive benefits as our public training sessions

How to get a proposal?

Use the request form by specifying the number of participants. We will quickly send you a complete proposal with the exact pricing, available dates, and details of all the benefits included in your private training.

Training plan

Module 1: Create and manage Microsoft Sentinel workspaces

Introduction
Plan for the Microsoft Sentinel workspace
Create a Microsoft Sentinel workspace
Manage workspaces across tenants using Azure Lighthouse
Understand Microsoft Sentinel permissions and roles
Manage Microsoft Sentinel settings
Configure logs

Module 2: Connect Microsoft services to Microsoft Sentinel

Introduction
Plan for Microsoft services connectors
Connect the Microsoft Office 365 connector
Connect the Microsoft Entra connector
Connect the Microsoft Entra ID Protection connector
Connect the Azure Activity connector

Module 3: Connect Windows hosts to Microsoft Sentinel

Introduction
Plan for Windows hosts security events connector
Connect using the Windows Security Events via AMA Connector
Connect using the Security Events via Legacy Agent Connector
Collect Sysmon event logs

Module 4: Threat detection with Microsoft Sentinel analytics

Introduction
Exercise – Detect threats with Microsoft Sentinel analytics
What is Microsoft Sentinel Analytics?
Types of analytics rules
Create an analytics rule from templates
Create an analytics rule from wizard
Manage analytics rules
Exercise – Detect threats with Microsoft Sentinel analytics

Module 5: Automation in Microsoft Sentinel

Introduction
Understand automation options
Create automation rules

Module 6: Configure SIEM security operations using Microsoft Sentinel

Introduction
Exercise – Configure SIEM operations using Microsoft Sentinel
Exercise – Install Microsoft Sentinel Content Hub solutions and data connectors
Exercise – Configure a data connector Data Collection Rule
Exercise – Perform a simulated attack to validate the Analytic and Automation rules

Recommended prerequisite knowledge

Fundamental understanding of Microsoft Azure
Basic understanding of Microsoft Sentinel
Experience using Kusto Query Language (KQL) in Microsoft Sentinel

Eccentrix Corner article/publication

Image representing rights management with Entra ID - Eccentrix

Microsoft Entra ID: Advanced Rights Management Implementation

Image representing Cloud security with Microsoft Defender XDR - Eccentrix

Microsoft Defender XDR: Security Patterns That Drive Effective Defense

An illustration depicting the concept of Azure Zero Trust in the cloud - Eccentrix

Zero Trust in Azure Security

A visual that helps distinguish between IDS and firewalls to protect the computer network - Eccentrix

Navigating the Cybersecurity Frontier: Understanding the Distinct Roles of IDS and Firewalls

An image of AI that plays a pivotal role in the cybersecurity industry - Eccentrix

The Role of Artificial Intelligence in Cybersecurity: Enhancing Threat Detection and Response

Microsoft Sentinel SIEM Training

The Microsoft Sentinel SIEM training offers an in-depth understanding of Microsoft Sentinel, a cloud-based Security Information and Event Management (SIEM) solution. This course teaches security professionals how to configure, manage, and optimize Security Operations Center (SOC) operations using Sentinel while addressing modern cybersecurity challenges.

Ideal for SOC analysts, security administrators, and IT professionals, this training equips you with practical skills to detect, analyze, and respond effectively to security threats in cloud and hybrid environments.

Why Choose the Microsoft Sentinel Training (SC-5001)?

Microsoft Sentinel is a leading SIEM solution that integrates artificial intelligence and machine learning to monitor and analyze security data in real time. With increasingly sophisticated threats, organizations require experts capable of configuring and utilizing advanced tools like Sentinel to secure their systems.

This training prepares you to maximize SOC efficiency by automating threat detection and response processes while ensuring compliance with organizational and regulatory requirements.

Key Skills Developed in the Training

Configure and customize Microsoft Sentinel
Learn how to deploy Sentinel and integrate data sources for comprehensive monitoring.
Create advanced detection rules
Configure custom alerts and AI-based analytics to identify suspicious activities.
Automate incident response
Implement playbooks and automated processes to accelerate threat response.
Optimize analytics and dashboards
Learn to visualize security data through custom, interactive dashboards.
Integrate Sentinel with existing security solutions
Discover how to connect Sentinel with other Microsoft and third-party tools for an integrated security ecosystem.
Monitor and respond to threats in real time
Master techniques to quickly detect, analyze, and neutralize cyberattacks.

Comprehensive, Instructor-Led Training

This training is delivered by Microsoft-certified experts who bring practical experience and real-world scenarios into the classroom. Participants benefit from interactive exercises to apply their skills and prepare to tackle security challenges in real-world environments.

Who Should Attend?

This training is ideal for:

SOC analysts responsible for threat monitoring and management
Security administrators seeking to enhance their SIEM management skills
IT professionals looking to master Microsoft Sentinel in cloud and hybrid environments
Organizations aiming to improve the efficiency of their security operations

Strengthen Your SOC Operations with Microsoft Sentinel

The Configuring SIEM Security Operations with Microsoft Sentinel (SC-5001) training provides you with the skills needed to manage and optimize modern SIEM solutions. Enroll today to enhance your threat response capabilities and effectively secure your organization.