Assessments

Chapter 1

  1. It is used to assist with the discovery and mapping of current security solutions, and plan for the future state.
  2. The three main components are Azure Monitor, Microsoft Sentinel, and Logic Apps.
  3. The main platforms include Identity and Access Management (IAM), Endpoint Detection and Response (EDR), Cloud Access Security Broker (CASB), Cloud Workload Protection Platform (CWPP), and Next Generation Firewall (NGFW).
  4. Third-party solution providers include AWS, Cisco, Palo Alto Networks, Fortinet, and Symantec.
  5. There are seven steps in the scenario mapping exercise.

Chapter 2

  1. The name of the query language is Kusto Query Language (KQL).
  2. Azure Lighthouse enables the central management of multiple Azure tenants, usually deployed ...
