Microsoft Security Operations Analyst (SOC enginner)

Focused View

Fabrice Chrzanowski

8:54:14

108 View

1 - Introduction

1 - Introduction.mp4

02:19

1 - Microsoft-Defender.pptx

2 - Preparation

2 - How to prepare this training.mp4

08:25

2 - evaluate and pilot microsoft 365 defender.zip

3 - License.mp4

01:42

3 - license.zip

3 - Threat detections

4 - What are Threat.mp4

13:50

5 - Simulation presentation.mp4

23:24

4 - Microsoft defender 365

6 - How to access Ms defender.mp4

07:09

7 - Investigation incidents and alerts.mp4

06:38

8 - Manage alerts.mp4

06:27

9 - Automated investigation AIR.mp4

25:08

10 - Action center.mp4

05:55

11 - Advanced hunting with KQL.mp4

18:37

5 - Azure identity protection

12 - What is Azure AD identity protection.mp4

10:05

6 - Microsoft defender for Office 365

13 - Defender for office 365 safe attachment.mp4

07:10

14 - Defender for office 365 safe links.mp4

02:48

15 - Defender for office 365 anti phishing.mp4

03:10

16 - Defender for office 365 interactive presentation.mp4

12:48

7 - Microsoft defender for indentity

17 - Protect your onprem assets with Ms defender for identity.mp4

21:01

8 - Microsoft defender for Apps

18 - Microsoft defender for cloud Apps overview.mp4

21:28

9 - Data loss prevention overview

19 - What is DLP.mp4

08:04

20 - Insider risks.mp4

10:46

10 - Microsoft defender for endpoint

21 - What is Ms defender for endpoint.mp4

20:38

21 - what is ms defender for endpoint.zip

22 - Onboard device and diags.mp4

09:09

23 - Onboard your first device with Powershell script.mp4

10:36

24 - Run attack on MDE.mp4

17:21

25 - RBAC with MDE.mp4

13:59

26 - Permissions.mp4

09:11

27 - ASR Rules and advanced protection.mp4

20:25

28 - Deploy ASR with intunes.mp4

10:19

11 - Microsoft defender for cloud

29 - What is MS defender for cloud.mp4

06:20

29 - defender for cloud.zip

30 - Interactive guide.mp4

13:09

31 - Connect your assets.mp4

03:56

32 - Connect your no azure assets.mp4

07:10

33 - Manage the alerts.mp4

09:26

34 - Enable Ms defender for cloud.mp4

19:31

12 - Kusto Query Language KQL overview

35 - How to use Kusto Query Language KQL.mp4

34:48

35 - kql.zip

13 - Azure sentinel

36 - What is azure entinel.mp4

19:33

36 - sentinel.zip

37 - What are connectors.mp4

09:25

37 - connectors.zip

37 - detections.zip

38 - Add Azure VM to sentinel.mp4

08:39

38 - hunting.zip

39 - Add no azure VM to sentinel.mp4

07:18

40 - Add no linux VM to sentinel.mp4

14:00

41 - Add logic app and link to ms teams.mp4

11:48

42 - Create a schedule query rule.mp4

12:28

43 - Enable UEBA.mp4

03:52

14 - The exam

44 - Some review questions.mp4

04:13

45 - Others questions.mp4

20:06

Description

Microsoft SOC engineer Today. Learn Alerts, Incident, Ms defender for endpoint, Office 365, Sentinel, Cloud and KQL...

What You'll Learn?

What is Microsoft defender for Endpoint (MDE)
What is Microsoft defender for Office 365
What is Microsoft defender for identity
What is Microsoft defender for Cloud
What is Azure identity protection
Learn KQL
Investigation incidents and alerts
Detection of threat
Insider risks
Azure sentinel

Who is this for?

Security Operations Analyst

M365 administrator

More details

Description
The Microsoft security operations analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products.
Since the security operations analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
Candidates for this role should be familiar with attack vectors, cyberthreats, incident management, and Kusto Query Language (KQL). Candidates should also be familiar with Microsoft 365 and Azure services.

What will be cover in this course :

Introduction to Microsoft 365 threat protection
Mitigate incidents using Microsoft 365 Defender
Protect your identities with Azure AD Identity Protection
Remediate risks with Microsoft Defender for Office 365
Safeguard your environment with Microsoft Defender for Identity
Secure your cloud apps and services with Microsoft Defender for Cloud Apps
Respond to data loss prevention alerts using Microsoft 365
Manage insider risk in Microsoft Purview
Protect against threats with Microsoft Defender for Endpoint
Deploy the Microsoft Defender for Endpoint environment
Implement Windows security enhancements with Microsoft Defender for Endpoint
Perform device investigations in Microsoft Defender for Endpoint
Perform actions on a device using Microsoft Defender for Endpoint
Perform evidence and entities investigations using Microsoft Defender for Endpoint
Configure and manage automation using Microsoft Defender for Endpoint
Configure for alerts and detections in Microsoft Defender for Endpoint
Utilize Vulnerability Management in Microsoft Defender for Endpoint
Plan for cloud workload protections using Microsoft Defender for Cloud
Connect Azure assets to Microsoft Defender for Cloud
Connect non-Azure resources to Microsoft Defender for Cloud
Manage your cloud security posture management
Explain cloud workload protections in Microsoft Defender for Cloud
Remediate security alerts using Microsoft Defender for Cloud
Construct KQL statements for Microsoft Sentinel
Analyze query results using KQL
Build multi-table statements using KQL
Work with data in Microsoft Sentinel using Kusto Query Language
Introduction to Microsoft Sentinel
Create and manage Microsoft Sentinel workspaces
Query logs in Microsoft Sentinel
Use watchlists in Microsoft Sentinel
Utilize threat intelligence in Microsoft Sentinel
Connect data to Microsoft Sentinel using data connectors
Connect Microsoft services to Microsoft Sentinel
Connect Microsoft 365 Defender to Microsoft Sentinel
Connect Windows hosts to Microsoft Sentinel
Connect Common Event Format logs to Microsoft Sentinel
Connect syslog data sources to Microsoft Sentinel
Connect threat indicators to Microsoft Sentinel
Threat detection with Microsoft Sentinel analytics
Automation in Microsoft Sentinel
Threat response with Microsoft Sentinel playbooks
Security incident management in Microsoft Sentinel
Identify threats with Behavioral Analytics
Data normalization in Microsoft Sentinel
Query, visualize, and monitor data in Microsoft Sentinel
Manage content in Microsoft Sentinel
Explain threat hunting concepts in Microsoft Sentinel
Threat hunting with Microsoft Sentinel
Use Search jobs in Microsoft Sentinel
Hunt for threats using notebooks in Microsoft Sentinel
And more

Nice training !

Who this course is for:
Security Operations Analyst
M365 administrator

User Reviews

Rating

average 0

Total votes0

Focused display

Bonjour?Je m'appelle Fabrice Je vis actuellement à MalteDepuis plus de 25 ans, je suis expert en administration système et multi cloud (Google, Aws et Azure). Je suis passionné par mon métier. J'aime partager mes connaissances en informatique.Je vous souhaite à tous une excellente santé et de supers cours

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.