Our cloud training videos have over 15M Impr on YouTube

SC-5001: Configure SIEM security operations using Microsoft Sentinel

Last Updated: 29-06-2026

The SC-5001: Configure SIEM Security Operations using Microsoft Sentinel course equips you with the essential skills to effectively configure and manage a Security Information and Event Management (SIEM) solution using Microsoft Sentinel. This course is designed for security professionals, administrators, and analysts who are looking to enhance their organization’s security operations with SIEM capabilities powered by Azure Sentinel.

  • Secure Your Investment: Our No Questions Asked Refund Policy.

  • Enterprise Grade LMS: Perform real labs, don't just watch videos and read pdf.

  • Industry Equivalent Labs: Develop real world technical skills (180 Days Access).

  • 100% Live Sessions: Stay focused and upskill today, not "someday." 

thumbnail

450K+

Career Transformation

40+

Workshop Every Month

60+

Countries and Counting

July 11th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
Fast Filling! Hurry Up.
July 12th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 13th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 18th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 19th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 20th - 21st
06:00 PM - 10:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 25th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 26th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
10% Off
$320
$288
July 27th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
Guaranteed-to-Run
10% Off
$320
$288
August 01st
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 02nd
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 03rd
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 08th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 09th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 10th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 15th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 16th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 17th - 18th
06:00 PM - 10:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 22nd
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 23rd
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
20% Off
$320
$256
August 24th
09:00 AM - 05:00 PM (CST)
Live Online (8 Hrs.)
Guaranteed-to-Run
20% Off
$320
$256

Course Prerequisites

Before attending this course, participants should have:

  • A foundational understanding of network security and cloud security concepts.
  • Basic experience with Microsoft Azure, Azure Active Directory, and Microsoft 365 security solutions.
  • Familiarity with security monitoring and incident management workflows.
  • Knowledge of Microsoft Defender and other Microsoft security solutions is a plus but not required.
  • Basic experience with PowerShell or Azure CLI is helpful for hands-on labs but not mandatory.

Learning Objectives

By the end of this course, participants will be able to:

  • Understand the core concepts of SIEM and how Microsoft Sentinel fits into a security operations framework.
  • Deploy and configure Microsoft Sentinel to collect and analyze security data from on-premises and cloud-based environments.
  • Set up data connectors to integrate Microsoft Sentinel with third-party security tools, cloud platforms, and network devices.
  • Configure Log Analytics workspaces and create custom KQL queries to analyze and correlate security events.
  • Use Microsoft Sentinel’s built-in analytics to detect threats, identify anomalies, and investigate security incidents.
  • Build and deploy playbooks in Sentinel to automate security incident response and orchestrate workflows.
  • Configure alerting rules to monitor security events and notify the appropriate stakeholders.
  • Leverage Sentinel’s machine learning-based threat detection capabilities to enhance proactive threat hunting.
  • Optimize Sentinel’s performance by managing retention policies and setting up cost-effective data collection strategies.
  • Understand the integration of Sentinel with other Microsoft security solutions like Microsoft Defender and Azure Security Center for comprehensive threat protection.

Target Audience

This course is ideal for:

  • Security engineers and security analysts responsible for implementing and managing SIEM systems in an enterprise environment.
  • SOC analysts who want to streamline threat detection and response using Microsoft Sentinel.
  • IT professionals and cloud administrators looking to enhance their security monitoring practices using Azure Sentinel.
  • Security operations managers seeking to build or refine their SIEM strategy using Microsoft Sentinel.
  • Microsoft 365 administrators and Azure administrators who want to integrate Sentinel into their organization's existing security operations.
  • Security consultants who need expertise in configuring and managing SIEM tools for enterprise clients.

 

Course Modules

1. Create and manage Microsoft Sentinel workspaces

  • Introduction

  • Plan for the Microsoft Sentinel workspace

  • Create a Microsoft Sentinel workspace

  • Manage workspaces across tenants using Azure Lighthouse

  • Understand Microsoft Sentinel permissions and roles

  • Manage Microsoft Sentinel settings

  • Configure logs

2. Connect Microsoft services to Microsoft Sentinel 

  • Introduction

  • Plan for Microsoft services connectors

  • Connect the Microsoft 365 connector

  • Connect the Microsoft Entra connector

  • Connect the Microsoft Entra ID Protection connector

  • Connect the Azure Activity connector

3. Connect Windows hosts to Microsoft Sentinel 

  • Introduction

  • Plan for Windows hosts security events connector

  • Connect using the Windows Security Events via AMA Connector

  • Connect using the Security Events via Legacy Agent Connector

  • Collect Sysmon event logs

4. Threat detection with Microsoft Sentinel analytics 

  • Introduction

  • Exercise - Detect threats with Microsoft Sentinel analytics (Part 1)

  • What is Microsoft Sentinel Analytics?

  • Types of analytics rules

  • Create an analytics rule from templates

  • Create an analytics rule from wizard

  • Manage analytics rules

  • Exercise - Detect threats with Microsoft Sentinel analytics (Part 2)

5. Automation in Microsoft Sentinel 

  • Introduction

  • Understand automation options

  • Create automation rules

6. Configure SIEM security operations using Microsoft Sentinel 

  • Introduction

  • Exercise - Configure SIEM operations using Microsoft Sentinel

  • Exercise - Install Microsoft Sentinel Content Hub solutions and data connectors

  • Exercise - Configure a data connector Data Collection Rule

  • Exercise - Perform a simulated attack to validate the Analytic and Automation rules

  • Exercise - Connect Microsoft Sentinel to Microsoft Defender XDR

Register Your Interest

What Our Learners Are Saying