Design solutions for security operations

In this module, you learn techniques for designing security operations capabilities, including logging, auditing, Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and security workflows.

Note

This content was partially created with the help of AI. An author reviewed and revised the content as needed.

Security Engineer
Solution Architect
Azure
Microsoft Sentinel
Microsoft Defender for Cloud
Microsoft Defender for Cloud Apps
Microsoft Defender for Identity

Module Objectives

By the end of this module, you will be able to:

  • Design security operations capabilities in hybrid and multicloud environments.
  • Design centralized logging and auditing.
  • Design Security Information and Event Management (SIEM) solutions.
  • Design a solution for detection and response that includes Extended Detection and Response (XDR).
  • Design a solution for security orchestration, automation, and response (SOAR).
  • Design security workflows.
  • Design and evaluate threat detection with the MITRE ATT&CK framework.

Prerequisites

  • Advanced experience and knowledge in identity and access, platform protection, security operations, securing data, and securing applications.
  • Experience with hybrid and cloud implementations.