Summary
In this module, you've learned how to build an overall security operations strategy with zero trust in mind. You have learned different strategies for designing, defining, and recommending an organizational security strategy and architecture. You should now be able to:
- Design a logging and auditing security strategy
- Develop security operations for hybrid and multicloud environments
- Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR)
- Evaluate security workflows
- Review security strategies for incident management
- Evaluate security operations for technical threat intelligence
Learn more with optional hands-on exercises
Note
- Students who don't already have an Azure subscription can sign up for one for free
- Students who don't already have a Microsoft 365 subscription can set up an M365 E5 sandbox subscription
- Microsoft Sentinel Training Lab - eight modules covering data connectors, analytics rules, incident management, hunting, watchlists, threat intelligence, and the content hub.
Learn more with security documentation
- Security operations in Azure
- Azure security logging and auditing
- Integrate your SIEM tools with Microsoft Defender for Endpoint
- Improve security with Azure Sentinel, a cloud-native SIEM and SOAR solution
- Microsoft security incident management - Microsoft Service Assurance
- Cyber threat intelligence in Microsoft Sentinel - Azure Example Scenarios
- Visualize collected data
- Overview - Microsoft Defender for IoT for organizations - Microsoft Defender for IoT
- Understand threat intelligence concepts in Microsoft Defender for Endpoint
Learn more with self-paced training