Azure Sentinel (Microsoft Sentinel) is a cloud-based SIEM (security information event management) solution that offers advanced intelligence tools across organizations to secure the cloud and on-premises resources. 

This lab challenge assumes familiarity with the following concepts: 

• Understanding of Azure Sentinel offering
• Understanding Sentinel incidents, data connectors, analytic rules, and log query editor

If you are unfamiliar with any of the above, Cloud Academy recommends completing the labs mentioned in the prerequisites before attempting this lab challenge.

This hands-on lab challenge will test your practical ability to interact with the Azure Sentinel to satisfy a set of requirements in a production-like Azure environment. You will be presented with a task and set of requirements you must fulfill to pass the challenge.

This is a real environment, which means you can prove your knowledge in an applied way, substituting multiple-choice questions for a dynamic performance-based exam situation.

Updates

October 31st, 2023 - Updated the challenge to reflect the latest UI

January 24th, 2023 - Resolved an issue causing an excessive delay in data being reported in Sentinel

• Introduction to Azure Sentinel
• Investigating Security Events using Azure Sentinel

• Candidates for Azure Security Engineer (AZ-500)
• Cloud Architects
• DevOps Engineers

• Azure Sentinel
• Azure Log Analytics