Design and configure Microsoft Sentinel data storage
Implement and use Content hub, repositories, and community resources
Identify data sources to be ingested for Microsoft Sentinel
Identify the prerequisites for a Microsoft Sentinel data connector
Configure and use Microsoft Sentinel data connectors
Configure Microsoft Sentinel data connectors by using Azure Policy
Configure Microsoft Sentinel connectors for Microsoft 365 Defender and Microsoft Defender for Cloud
Design and configure Syslog and CEF event collections
Design and configure Windows Security event collections
Configure custom threat intelligence connectors
Design and configure analytics rules
Activate Microsoft security analytics rules
Configure built-in scheduled queries
Configure custom scheduled queries
Define incident creation logic
Manage and use watchlists