info@infoventure.com +1 905 625 2727 Login Support
Company logo

Infoventure

SC-5001: Configure SIEM security operations using Microsoft Sentinel

Learn new skills and discover the power of Microsoft Azure with step-by-step guidance.

Master SIEM operations

Detect & respond threats

Automate security responses

  • Instructor-led

  • Official Courseware

  • Flexible Schedule

  • Guaranteed To Run

This intermediate‑level course teaches you how to configure and operate SIEM (Security Information and Event Management) using Microsoft Sentinel. Learn to set up Sentinel workspaces, connect data sources including Windows security events, build analytics rules, and automate responses to cyber threats. By the end, you’ll be equipped to strengthen security operations, streamline threat detection, and respond efficiently within cloud‑native environments.

Course Overview

  • Course : SC-5001: Configure SIEM security operations using Microsoft Sentinel

  • Level : Intermediate

  • Type : Instructor led Live online or Classroom

  • Length : 1 day

  • Labs : Included

  • Practice Test : Included

Who should take this course

  • Security Operations Analysts

  • SOC team members

  • Cloud security engineers

  • IT security professionals

  • Threat detection specialists

  • Azure platform administrators

  • Security administrators

Prerequisites

  • Fundamental understanding of Microsoft Azure

  • Basic knowledge of Microsoft Sentinel

  • Experience with Kusto Query Language (KQL) for analytics

What you'll learn

  • Create and configure Microsoft Sentinel workspaces

  • Connect Microsoft services to Sentinel securely

  • Integrate Windows hosts for security events

  • Configure Sentinel analytics detection rules

  • Set up automated response workflows

  • Respond to threats with automated actions

  • Extend SIEM with custom dashboards

  • Enhance alerting with analytics optimization

Certificate
Training Mode

Instructor-led Virtual online live Training.

  • Weekend Classes

  • Evening Classes

  • Weekdays Classes

Course Outline

Module 1: Create and manage Microsoft Sentinel workspaces

  • Plan for the Microsoft Sentinel workspace

  • Create a Microsoft Sentinel workspace

  • Manage workspaces across tenants using Azure Lighthouse

  • Understand Microsoft Sentinel permissions and roles

  • Manage Microsoft Sentinel settings

  • Configure logs

  • Module assessment

Module 2: Connect Microsoft services to Microsoft Sentinel

  • Plan for Microsoft services connectors

  • Connect the Microsoft 365 connector

  • Connect the Microsoft Entra connector

  • Connect the Microsoft Entra ID Protection connector

  • Connect the Azure Activity connector

  • Module assessment

Module 3: Create and manage Microsoft Sentinel workspaces

  • Plan for Windows hosts security events connector

  • Connect using the Windows Security Events via AMA Connector

  • Connect using the Security Events via Legacy Agent Connector

  • Collect Sysmon event logs

  • Module assessment

Module 4: Connect Microsoft services to Microsoft Sentinel

  • What is Microsoft Sentinel Analytics?

  • Types of analytics rules

  • Create an analytics rule from templates

  • Create an analytics rule from wizard

  • Manage analytics rules

Module 5: Automation in Microsoft Sentinel

  • Understand automation options

  • Create automation rules

  • Module assessment

Module 6: Configure SIEM security operations using Microsoft Sentinel

Best Value offer

  • Official Courseware

  • Instructor-led live online / Classroom

  • Flexible Schedule

  • Course Completion Certification

US$ 695

Buy now, pay later with PayPal

Our upcoming class schedule is currently being finalized.

Let us know your preferred start date, and we'll update you.

We’re Here to Assist You

4 days

Advanced

5 days

Intermediate

4 days

Advanced

What are the prerequisites for the training?

Some courses may require basic knowledge of IT infrastructure. Check the specific course details for prerequisites.

Can I start even if I am new to Cloud computing?

Yes, our expert instructor will help you from scratch, the course is designed in a way that you will get understanding of Cloud.

Can I get support after course?

Sure, we would happy to assist you. Please direct your queries to info@infoventure.com

AWS Authorized Partner

Microsoft Authorized Partner

CompTIA Authorized Partner

EC-Council Authorized Partner

PECB Authorized Partner

Quick links

Info@infoventure.com

+1 905 625 2727

www.infoventure.com

Mississauga, CANADA

Follow us

Newsletter

Technology moves fast. Make sure you are up to speed with IT Trainings.

All rights reserved. © 2016 - 2026 - Infoventure Technologies Inc.