Microsoft Sentinel course with hands on sims for beginners

Microsoft Sentinel course with hands on sims for beginners - Printable Version

+- Nice1 Community Forum (https://talk.nice1.org)
+-- Forum: Nice1 Community (https://talk.nice1.org/forumdisplay.php?fid=3)
+--- Forum: Media (https://talk.nice1.org/forumdisplay.php?fid=9)
+--- Thread: Microsoft Sentinel course with hands on sims for beginners (/showthread.php?tid=4714)

Microsoft Sentinel course with hands on sims for beginners - Courses2025 - 03-25-2026

[Image: 508a99d5f6ffd1d7c6ad001a58d542c8.webp]

Free Download Microsoft Sentinel course with hands on sims for beginners
Last updated 2/2026
Created by John Christopher | 480,000+ enrollments
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz, 2 Ch
Level: All Levels | Genre: eLearning | Language: English + subtitle | Duration: 60 Lectures ( 6h 49m ) | Size: 3.82 GB

Learn how to expertly administer Microsoft Sentinel (including SOAR and SIEM) with hands on experience!
[h2]What you'll learn[/h2]
✓ Learn the concepts and perform hands on activities needed to master Microsoft Sentinel (SOAR and SIEM)
✓ Gain a tremendous amount of knowledge involving Microsoft Sentinel (SOAR and SIEM)
✓ Learn using hands on simulations on how to manage Microsoft Sentinel (SOAR and SIEM)
✓ Learn how to set up your own test lab for practicing the concepts!
[h2]Requirements[/h2]
● Willingness to put in the time and practice the steps shown in the course
[h2]Description[/h2]
We really hope you'll agree, this training is way more than the average course on Udemy!
Have access to the following
• Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
• Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
• Instructor led hands on and simulations to practice that can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS
Introduction
• Welcome to the course
• Understanding the Microsoft Environment
• Foundations of Active Directory Domains
• Foundations of RAS, DMZ, and Virtualization
• Foundations of the Microsoft Cloud Services
• DONT SKIP: The first thing to know about Microsoft cloud services
• DONT SKIP: Azure AD is now renamed to Entra ID
• Questions for John Christopher
Performing hands on activities
• DONT SKIP: Using Assignments in the course
• Creating a free Microsoft 365 Account
• Getting your free Azure credit
Understanding and setting up a Microsoft Sentinel Workspace
• Overview of Microsoft Sentinel
• Configuring a Microsoft Sentinel workspace
• Managing roles regarding Sentinel
• Managing log types, log retention, and data storage in Sentinel
Working with data connectors and ingestion in Microsoft Sentinel
• Microsoft Sentinel data source identification
• Content hub solutions in Microsoft Sentinel
• Kusto Query Language (KQL) will get covered later in the course
• Microsoft connectors for Azure, including Azure Policy & diagnostics
• Azure Monitor Agent (AMA) and data collection rules
• Using Syslog and Common Event Format (CEF) event collections
• Working with Windows Security events and Windows Event Forwarding (WEF) collections
• How to create custom log tables in the workspace
• Ingesting Azure and Entra ID data
• Monitoring data ingestion
Using analytics rules in Microsoft Sentinel
• Using entities for classification and analysis
• Understanding analytics rules in Microsoft Sentinel
• Working with analytics rules
• Advanced Security Information Model(ASIM) queries with Microsoft Sentinel
• Behavioral analytics in Microsoft Sentinel
Dealing with incidents in Microsoft Sentinel
• Incident investigation and remediation in Microsoft Sentinel
• Concepts of automation rules and Microsoft Sentinel playbooks
• Working with automation rules in Microsoft Sentinel
• Working with playbooks in Microsoft Sentinel
• Concepts of running playbooks against on-premises resources
Understanding hunting with Kusto Query Language (KQL)
• Concepts of Kusto Query Language (KQL)
• Using Microsoft's demo environment for learning KQL
• Using basic KQL syntax
• Filtering based on time ranges with KQL
• Displaying columns, amounts and characters with KQL
• Working with variables and combining output data with KQL
• Looking at threats analytics by using KQL in Defender
• Using Microsoft's Sentinel and Defender repository for hunting queries
Threat hunting with queries and managing workbooks
• Using the MITRE ATT&CK matrix
• Working with threat indicators
• Working with hunts in Microsoft Sentinel
• How to monitor hunting queries
• Using hunting bookmarks
• Restoring archived log data
• Working with search jobs
• Using workbook templates
• Using custom workbooks that include KQL
• Adjusting workbook visualizations
Conclusion
• Cleaning up your lab environment
• Getting a Udemy certificate
• BONUS Where do I go from here?
[h2]Who this course is for[/h2]
■ IT people interested in learning a tremendous amount about Microsoft Sentinel (SOAR and SIEM)
[h2]Homepage[/h2]

Code:
https://www.udemy.com/course/microsoft-sentinel-course-with-hands-on-sims