Category: SC200

Configuring and Deploying a VM using ARM Template 

Configuration Storage Account  Public IP  Network Security Group  Virtual Network  Network Interface (NIC)  Virtual Machine …

SC-200 Sentinel – Privilege escalation attack – Simulation, detection and response

source: SC-200T00A-Microsoft-Security-Operations-Analyst Part 1: Run the attack In this guide we will simulate an attacker…

SC-200 Create automation rule

In this demo we are creating an automation rule to change the severity and status…

SC-200 Collect logs from non-azure-Linux VM host to Microsoft Sentinel using Azure Arc and Syslog AMA

Step 1 – Install and configure Rsyslog To install rsyslog on Ubuntu execute this from…

SC-200 Connect Windows devices to Microsoft Sentinel using data connectors

source: SC-200T00A-Microsoft-Security-Operations-Analyst Task 1: Create a Windows VM in Azure Go to Marketplace, search for…

SC-200 Configure your Microsoft Sentinel environment

source: SC-200T00A-Microsoft-Security-Operations-Analyst Task 1: Initialize the Microsoft Sentinel Workspace go to Log Analytics Workspace and…