General
Target: sc-200.7z
Size: 33.0MB
MD5: 73ad7cc18ef7c2d93f3fa49567879287
SHA1: 0322fccd041f2a1a282532ec6e9c926209194fac
SHA256: 344ff451f4ab6618049ab6538a010a8d5a56125eaf16f29f302ce512da36f0fd
SHA512: d5794914f8808ca55c43d7e29d492a6a5f53d28158b82d9e9891315a9fc03ba51b6210733b1f1d82cb690fac00854591fd22972de82c56edd022727d9554321d
SSDEEP: 786432:ig2Doxfx2lYlE2KFCqAV8UGLDVjrR/MW4qBjO3GSDV05G2W:jfxD65nAVADhR/8qYrVaG2W
Malware Config
Signatures
-
HTTP links in PDF interactive object (6 IoCs)
Detects HTTP links in interactive objects within PDF files.
resource    yara_rule
static1/unpack002/03/detecting-and-responding-to-endpoint-threats-slides.pdf    pdf_with_link_action
static1/unpack002/04/investigating-and-mitigating-identity-threats-slides.pdf    pdf_with_link_action
static1/unpack002/05/detecting-and-responding-to-threats-on-the-productivity-environment-slides.pdf    pdf_with_link_action
static1/unpack002/06/managing-cross-domain-investigations-in-microsoft-365-defender-portal-slides.pdf    pdf_with_link_action
static1/unpack001/sc-200/Azure-Sentinel-Technical-Playbook-for-MSSPs.pdf    pdf_with_link_action
static1/unpack001/sc-200/SC-200_StudyGuide_v200_7.1.pdf    pdf_with_link_action
Files
-
sc-200.7z.7z
-
sc-200/365_defender.zip.zip
-
02/integrating-microsoft-365-defender-components-slides.pdf.pdf
-
03/detecting-and-responding-to-endpoint-threats-slides.pdf.pdf
-
https://docs.microsoft.com/en-us/learn/paths/sc-200-mitigate-threats-using-microsoft-defender-for-endpoint/
-
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide
-
https://app.pluralsight.com/library/courses/msft-365-security-threat-protection-implementation-management
-
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/threat-protection-integration?view=o365-worldwide
-
-
04/investigating-and-mitigating-identity-threats-slides.pdf.pdf
-
https://docs.microsoft.com/en-us/cloud-app-security/tutorial-shadow-it
-
https://docs.microsoft.com/en-us/learn/paths/sc-200-mitigate-threats-using-microsoft-365-defender/
-
https://docs.microsoft.com/en-us/cloud-app-security/
-
https://app.pluralsight.com/library/courses/msft-365-security-threat-protection-implementation-management
-
https://docs.microsoft.com/en-us/defender-for-identity/suspicious-activity-guide?tabs=external
-
-
05/detecting-and-responding-to-threats-on-the-productivity-environment-slides.pdf.pdf
-
https://docs.microsoft.com/en-us/learn/paths/sc-200-mitigate-threats-using-microsoft-365-defender/
-
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
-
https://app.pluralsight.com/library/courses/msft-365-security-threat-protection-implementation-management
-
https://docs.microsoft.com/en-us/microsoft-365/compliance/?view=o365-worldwide
-
-
06/managing-cross-domain-investigations-in-microsoft-365-defender-portal-slides.pdf.pdf
-
https://www.microsoft.com/security/blog/2020/07/29/inside-microsoft-threat-protection-solving-cross-domain-security-incidents-through-the-power-of-correlation-analytics/
-
-
Pluralsight Study Guide - SC-200.docx.docx office2007
-
sc-200/Azure AD Cross-tenant attacks via multi-tenant implants (servicePrincipals) – SecureCloudBlog.url.url
-
sc-200/Azure-Sentinel-Technical-Playbook-for-MSSPs.pdf.pdf
-
sc-200/Configuring Security Services and Policies in Microsoft Azure - Pluralsight.url.url
-
sc-200/How to pass SC-200 exam.url.url
-
sc-200/Microsoft Security Operations Analyst (SC-200) Path - Pluralsight.url.url
-
sc-200/Microsoft Security Operations Analyst (SC-200).url.url
-
sc-200/Microsoft Sentinel Blog - Microsoft Tech Community.url.url
-
sc-200/SC-200 Exam - Free Questions and Answers - ITExams.com.url.url
-
sc-200/SC-200- Mitigate threats using Microsoft Defender for Endpoint - Learn - Microsoft Docs.url.url
-
sc-200/SC-200_StudyGuide_v200_7.1.pdf.pdf
-
sc-200/Stocks!.url.url
-
sc-200/Welcome - AA-001_Sandbox.url.url
-
sc-200/WindowsHardeningRoomCheatsheet.pdf.pdf
-
sc-200/kql_cheat_sheet_dark.pdf.pdf
-
sc-200/kusto-query-language-kql-from-scratch.zip.zip
-
sc-200/mitigate-threats-microsoft-365-defender.zip.zip
-
sc-200/sentinel-cert.zip.zip
-
sc-200/using_defender.zip.zip