This unit will introduce you to the foundations of security operations, including logging activities and events, identifying threats and intrusions, and responding to incidents.
Labs: Configure Azure Sentinel, Configure Microsoft Defender for Cloud workload protection, Configure GuardDuty on AWS, and Configure Security Hub on AWS.
Unit objectives:
Students will learn the importance of logging and monitoring activity within the cloud environment as a proactive security strategy. Students will be introduced to logging and monitoring solutions and to using automation to identify and respond to threats. After completing this unit, students will understand the basic concepts and techniques of security operations.
Topics covered: cloud logging, cloud security monitoring, intrusion detection and prevention systems (IDS/IPS) in the cloud, SIEM and SOAR, real-time monitoring and alerting, log management and analysis in cloud-native monitoring solutions, continuous security monitoring strategies, security monitoring best practices, cloud incident response, and cloud forensics and investigation.