When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Microsoft Security Solutions Capabilities

This course is part of Exam Prep SC-900: Microsoft Certified Security Fundamentals Specialization

Instructor: Whizlabs Instructor

Included with

Learn more

3 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

3 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

Skills you'll gain

Endpoint Security

Tools you'll learn

Azure Active Directory

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

8 assignments

Taught in English

91% of learners achieved a positive career outcome

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the Exam Prep SC-900: Microsoft Certified Security Fundamentals Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 3 modules in this course

Welcome to Microsoft Sentinel, Microsoft Defender XDR & Threat Protection, a deep-dive course designed for cloud security engineers, SOC analysts, and IT professionals who want to master Microsoft’s advanced detection, response, and threat protection ecosystem.

This course covers the end-to-end workflow of cloud security operations using Microsoft Sentinel (SIEM & SOAR) and Microsoft Defender XDR. You’ll explore workspace planning, SIEM roles, SOAR automation, threat detection, and hunting queries in Sentinel. You’ll then move into Defender XDR configuration, integration with Sentinel, and best practices for incident response. Finally, you’ll learn about the entire Microsoft Defender product family (Defender for Cloud Apps, Office 365, Identity, and Endpoint) to build a unified threat protection strategy. By the end of this course, you’ll be confident in deploying, configuring, and managing Microsoft Sentinel and Microsoft Defender XDR to detect, investigate, and respond to modern cloud threats. Who Should Take This Course? SOC Analysts and Incident Responders Cloud Security Engineers and Azure Administrators IT Security Professionals looking to implement SIEM + XDR Learners preparing for SC-200 or seeking advanced Microsoft security skills Course Format This course delivers 6–7 hours of expert-led video content, split across four modules. Each module includes demos, configuration guides, and best practices. Knowledge checks and in-video questions are included to help reinforce learning. Course Modules: Module 1: Azure Security Foundations: Networking, Key Vault & Defender Module 2: Microsoft Sentinel: SIEM & SOAR for Cloud Security Operations Module 3: Microsoft Defender XDR: Configuration, Integration & Best Practices

Module details

Welcome to Week 1 of this course! We’ll begin with the essential building blocks for securing Azure workloads. You’ll explore Azure networking security, including Azure DDoS Protection, Azure Bastion, and Azure Firewall, to understand how to defend your resources at the network edge. Next, we’ll dive into network segmentation using Azure Virtual Networks, and configure Network Security Groups (NSG) and Application Security Groups (ASG) with hands-on demos. You’ll also explore Azure Key Vault and see how to secure application secrets and configuration data using App Configuration and Key Vault demos. Finally, we’ll introduce Microsoft Defender for Cloud, its Cloud Security Posture Management (CSPM) capabilities, and workload protection features to help you proactively strengthen your cloud security posture.

What's included

13 videos3 readings3 assignments

13 videosTotal 77 minutes

Azure DDoS and Bastion Service - Overview5 minutes
Azure Firewall3 minutes
Network Segmentation with Azure Virtual Networks4 minutes
Network Security Groups - Demo3 minutes
Applicaiton Security Groups - Demo9 minutes
Azure Key Vault - Overview3 minutes
Secure App Configuration data by using App Configuration or Azure Key Vault - Demo13 minutes
Microsoft Defender for Cloud - Overview6 minutes
Microsoft Defender for Cloud - Demo4 minutes
Cloud Security Posture Management (CSPM)5 minutes
Security policies and initiatives improve the cloud security posture7 minutes
Microsoft Defender for Cloud Workload Protection5 minutes
Enhanced security features provided by cloud workload protection9 minutes

3 readingsTotal 70 minutes

Welcome to the Course30 minutes
Azure Security Foundations: Networking, Key Vault & Defender - Course Overview20 minutes
Meet and Greet20 minutes

3 assignmentsTotal 130 minutes

Azure Security Foundations: Networking, Key Vault & Defender - Graded Assessment50 minutes
Azure Core Infrastructure Security Services - Practice Assessment40 minutes
Azure Security Management Capabilities - Practice Assessment40 minutes

Welcome to Week 2! this week, we’ll focus on Microsoft Sentinel and its role as a cloud-native SIEM and SOAR solution. You’ll learn how to plan and deploy workspaces, align Sentinel implementation with Microsoft’s Cloud Adoption Framework (CAF) security design phases, and understand the role of SIEM in modern security operations. We’ll then explore Sentinel’s automation capabilities with SOAR, threat detection, and mitigation features. By the end of this week, we’ll dive into threat hunting, reviewing sample KQL queries and walking through a hands-on demo to see how to proactively hunt for threats in your environment.

What's included

8 videos1 reading2 assignments

8 videosTotal 49 minutes

What is Microsoft Sentinel?5 minutes
Workspace Planning in Microsoft Sentinel6 minutes
Aligning security with the CAF design phases8 minutes
The Role of SIEM in Security Operations7 minutes
Automating Security Tasks with SOAR5 minutes
Threat detection and mitigation capabilities in Microsoft Sentinel7 minutes
Explore Threat Hunting Queries - Overview5 minutes
Explore Threat Hunting Queries - Demo7 minutes

1 readingTotal 20 minutes

Microsoft Sentinel: SIEM & SOAR for Cloud Security Operations - Course Overview20 minutes

2 assignmentsTotal 90 minutes

Microsoft Sentinel: SIEM & SOAR for Cloud Security Operations - Graded Assessment50 minutes
Microsoft Sentinel Capabilities - Practice Assessment40 minutes

Welcome to Week 3! this week focuses on governance and identity protection features of Microsoft Entra ID. You’ll explore Privileged Identity Management (PIM) to enforce just-in-time (JIT) access, conduct access reviews, and automate provisioning/deprovisioning. This week also covers Microsoft Entra ID Protection, showing how to detect and mitigate identity risks with real-time monitoring. By the end of the week, you will be able to Configure MFA and passwordless authentication methods, Design Conditional Access policies for secure access and Implement RBAC effectively at tenant, group, or resource scope.

What's included

17 videos3 readings3 assignments

17 videosTotal 89 minutes

What is Microsoft Defender XDR?4 minutes
Key Benefits of Microsoft Defener XDR4 minutes
Microsoft Defender XDR vs. Traditional Security Tools4 minutes
Threat Analytics Overview4 minutes
Creating Lab Environment - Step by Step8 minutes
Connecting Microsoft Defender XDR to Microsoft Sentinel9 minutes
Best Practices for Microsoft Defender XDR4 minutes
Microsoft Defender Family - Overview6 minutes
Microsoft Defender for Cloud Apps6 minutes
Microsoft Defender for Office 3656 minutes
Defender Vulnerability Management - Overview6 minutes
Defender Vulnerability Management - Demo4 minutes
Microsoft Defender for Identity7 minutes
Microsoft Defender Threat Intelligence (Defender TI)5 minutes
Microsoft Defender portal3 minutes
Microsoft Defender for Endpoint Overview6 minutes
Advanced Features of Defender for Endpoint5 minutes

3 readingsTotal 65 minutes

Microsoft Defender XDR: Configuration, Integration & Best Practices - Course Overview25 minutes
Specialization: Course 3 Summary20 minutes
What's Next + Best Practices20 minutes

3 assignmentsTotal 150 minutes

Microsoft Defender XDR: Configuration, Integration & Best Practices - Graded Assessment60 minutes
Microsoft Defender XDR - Overview - Practice Assessment50 minutes
Threat Protection with Microsoft Defender XDR - Practice Assessment40 minutes