From the course: Identity Threat Protection with Sentinel
Challenge: Threat detection rule scenarios
(cheerful upbeat music) - [Instructor] Now that we've covered threat detection rules in Sentinel, can you identify which detection rule would be applicable in this scenario? An employee's account attempts to access confidential files at 2 a.m., which is unusual for the typical activity pattern. Identify which analytic rule could detect this and describe how you would configure its trigger, logic, and action. And if you need some assistance with how to modify and create custom analytic rules from scratch, I have linked the content resource in the course materials to help you along. And if you're stuck, check out the next video with the solution to this challenge.