You're reading from Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 Familiarize yourself with security, identity, and compliance in Microsoft 365 and Azure

Product type Paperback

Published in May 2022

Last Updated in May 2022

Publisher Packt

ISBN-13 9781801815994

Length 404 pages

Edition 1st Edition

Tools

Azure

Concepts

Cloud Security

Author (1):

Dwayne Natwick

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1: Exam Overview

2. Chapter 1: Preparing for Your Microsoft Exam FREE CHAPTER

3. Section 2: The Key Concepts of Security, Compliance, and Identity

4. Chapter 2: Describing Security Methodologies

5. Chapter 3: Understanding Key Security Concepts

6. Chapter 4: Key Microsoft Security and Compliance Principles

7. Section 3: The Microsoft Identity Management Solutions

8. Chapter 5: Defining Identity Principles/Concepts and the Identity Services within Azure AD

9. Chapter 6: Describing the Authentication and Access Management Capabilities of Azure AD

10. Chapter 7: Describing the Identity Protection and Governance Capabilities of Azure AD

11. Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure

12. Chapter 8: Describing Basic Security Services and Management Capabilities in Azure

13. Chapter 9: Describing Security Management and Capabilities of Azure

14. Chapter 10: Describing Threat Protection with Microsoft 365 Defender

15. Chapter 11: Describing the Security Capabilities of Microsoft Sentinel

16. Chapter 12: Describing Security Management and the Endpoint Security Capabilities of Microsoft 365

17. Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure

18. Chapter 13: Compliance Management Capabilities in Microsoft

19. Chapter 14: Describing Information Protection and Governance Capabilities of Microsoft 365

20. Chapter 15: Describing Insider Risk, eDiscovery, and Audit Capabilities in Microsoft 365

21. Chapter 16: Describing Resource Governance Capabilities in Azure

22. Chapter 17: Final Assessment/ Mock Exam

23. Other Books You May Enjoy

Define the concepts of SIEM, SOAR, and XDR

Let's start by explaining Microsoft Sentinel and what Security Information Event Management (SIEM) and Security Orchestration Automated Response (SOAR) solutions are.

SIEM is a solution within a security operations center that gathers logs and events from various appliances and software within an information technology infrastructure. These SIEM solutions then review the logs and events for potential threats by searching for behavior that is not typical of best practices or may be seen as anomalous or atypical. The benefit of having and utilizing SIEM is that without it, security operations personnel would need to review each of these log and event files manually. Since there are thousands of log and event files within companies, this option has the potential for mistakes, as fatigue becomes an issue when scrolling through these files. SIEM picks out the logs and events that could be a threat, and security personnel can then investigate...

The rest of the chapter is locked

You're reading from Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 Familiarize yourself with security, identity, and compliance in Microsoft 365 and Azure

Table of Contents (24) Chapters

Define the concepts of SIEM, SOAR, and XDR

Authors (1)

Personalised recommendations for you

You're reading from Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 Familiarize yourself with security, identity, and compliance in Microsoft 365 and Azure

Table of Contents (24) Chapters

Define the concepts of SIEM, SOAR, and XDR

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you