
Microsoft Security Operations Analyst (SOC Engineer)

Published 1/2023 | MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz | Language: English | Size: 5.50 GB | Duration: 8h 54m


Become a Microsoft SOC engineer today. Learn alerts, incidents, Microsoft Defender for Endpoint, Office 365, Sentinel, Cloud and KQL...

What you'll learn

What is Microsoft Defender for Endpoint (MDE)

What is Microsoft Defender for Office 365

What is Microsoft Defender for Identity

What is Microsoft Defender for Cloud

What is Azure AD Identity Protection

Learn KQL

Investigating incidents and alerts

Threat detection

Insider risks

Azure Sentinel

Requirements

Microsoft 365 administration is a good start

Description

The Microsoft security operations analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the security operations analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies. Candidates for this role should be familiar with attack vectors, cyberthreats, incident management, and Kusto Query Language (KQL).

Candidates should also be familiar with Microsoft 365 and Azure services.

What will be covered in this course:

Introduction to Microsoft 365 threat protection
Mitigate incidents using Microsoft 365 Defender
Protect your identities with Azure AD Identity Protection
Remediate risks with Microsoft Defender for Office 365
Safeguard your environment with Microsoft Defender for Identity
Secure your cloud apps and services with Microsoft Defender for Cloud Apps
Respond to data loss prevention alerts using Microsoft 365
Manage insider risk in Microsoft Purview
Protect against threats with Microsoft Defender for Endpoint
Deploy the Microsoft Defender for Endpoint environment
Implement Windows security enhancements with Microsoft Defender for Endpoint
Perform device investigations in Microsoft Defender for Endpoint
Perform actions on a device using Microsoft Defender for Endpoint
Perform evidence and entities investigations using Microsoft Defender for Endpoint
Configure and manage automation using Microsoft Defender for Endpoint
Configure for alerts and detections in Microsoft Defender for Endpoint
Utilize Vulnerability Management in Microsoft Defender for Endpoint
Plan for cloud workload protections using Microsoft Defender for Cloud
Connect Azure assets to Microsoft Defender for Cloud
Connect non-Azure resources to Microsoft Defender for Cloud
Manage your cloud security posture management
Explain cloud workload protections in Microsoft Defender for Cloud
Remediate security alerts using Microsoft Defender for Cloud
Construct KQL statements for Microsoft Sentinel
Analyze query results using KQL
Build multi-table statements using KQL
Work with data in Microsoft Sentinel using Kusto Query Language
Introduction to Microsoft Sentinel
Create and manage Microsoft Sentinel workspaces
Query logs in Microsoft Sentinel
Use watchlists in Microsoft Sentinel
Utilize threat intelligence in Microsoft Sentinel
Connect data to Microsoft Sentinel using data connectors
Connect Microsoft services to Microsoft Sentinel
Connect Microsoft 365 Defender to Microsoft Sentinel
Connect Windows hosts to Microsoft Sentinel
Connect Common Event Format logs to Microsoft Sentinel
Connect syslog data sources to Microsoft Sentinel
Connect threat indicators to Microsoft Sentinel
Threat detection with Microsoft Sentinel analytics
Automation in Microsoft Sentinel
Threat response with Microsoft Sentinel playbooks
Security incident management in Microsoft Sentinel
Identify threats with Behavioral Analytics
Data normalization in Microsoft Sentinel
Query, visualize, and monitor data in Microsoft Sentinel
Manage content in Microsoft Sentinel
Explain threat hunting concepts in Microsoft Sentinel
Threat hunting with Microsoft Sentinel
Use Search jobs in Microsoft Sentinel
Hunt for threats using notebooks in Microsoft Sentinel
And more

Nice training!

Overview

Section 1: Introduction

Lecture 1 Introduction

Section 2: Preparation

Lecture 2 How to prepare for this training

Lecture 3 License

Section 3: Threat detection

Lecture 4 What are threats

Lecture 5 Simulation presentation

Section 4: Microsoft 365 Defender

Lecture 6 How to access Microsoft Defender

Lecture 7 Investigating incidents and alerts

Lecture 8 Manage alerts

Lecture 9 Automated investigation and response (AIR)

Lecture 10 Action center

Lecture 11 Advanced hunting with KQL

Section 5: Azure AD Identity Protection

Lecture 12 What is Azure AD Identity Protection

Section 6: Microsoft Defender for Office 365

Lecture 13 Defender for Office 365 Safe Attachments

Lecture 14 Defender for Office 365 Safe Links

Lecture 15 Defender for Office 365 anti-phishing

Lecture 16 Defender for Office 365 interactive presentation

Section 7: Microsoft Defender for Identity

Lecture 17 Protect your on-premises assets with Microsoft Defender for Identity

Section 8: Microsoft Defender for Cloud Apps

Lecture 18 Microsoft Defender for Cloud Apps (overview)

Section 9: Data loss prevention (overview)

Lecture 19 What is DLP

Lecture 20 Insider risks

Section 10: Microsoft Defender for Endpoint

Lecture 21 What is Microsoft Defender for Endpoint

Lecture 22 Onboard a device and diagnostics

Lecture 23 Onboard your first device with a PowerShell script

Lecture 24 Run an attack simulation on MDE

Lecture 25 RBAC with MDE

Lecture 26 Permissions

Lecture 27 ASR rules and advanced protection

Lecture 28 Deploy ASR with Intune

Section 11: Microsoft Defender for Cloud

Lecture 29 What is Microsoft Defender for Cloud

Lecture 30 Interactive guide

Lecture 31 Connect your assets

Lecture 32 Connect your non-Azure assets

Lecture 33 Manage the alerts

Lecture 34 Enable Microsoft Defender for Cloud

Section 12: Kusto Query Language (KQL) overview

Lecture 35 How to use Kusto Query Language (KQL)

Section 13: Azure Sentinel

Lecture 36 What is Azure Sentinel

Lecture 37 What are connectors

Lecture 38 Add an Azure VM to Sentinel

Lecture 39 Add a non-Azure VM to Sentinel

Lecture 40 Add a non-Azure Linux VM to Sentinel

Lecture 41 Add a Logic App and link it to Microsoft Teams

Lecture 42 Create a scheduled query rule

Lecture 43 Enable UEBA

Section 14: The exam

Lecture 44 Some review questions

Lecture 45 Other questions

Who this course is for: Security Operations Analysts, Microsoft 365 administrators

HomePage:

https://www.udemy.com/course/microsoft-security-operations-analyst-soc-ener/
