In this module, you've learned how to build an overall security operations strategy with zero trust in mind. You have learned different strategies for designing, defining, and recommending an organizational security strategy and architecture. You should now be able to:

  • Design a logging and auditing security strategy
  • Develop security operations for hybrid and multicloud environments
  • Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR)
  • Evaluate security workflows
  • Review security strategies for incident management
  • Evaluate security operations for technical threat intelligence

Learn more with optional hands-on exercises


  • Microsoft Sentinel Training Lab - eight modules covering data connectors, analytics rules, incident management, hunting, watchlists, threat intelligence, and the content hub.

Learn more with security documentation

Learn more with self-paced training