SC-200 - Manage a Security Operations Environment - Section 1.4
Configure the Microsoft Sentinel SIEM and platform, including roles, data retention tiers, workbooks, and SOC optimization.
Assign Microsoft Sentinel roles to control read and write access across the workspace, and choose between Analytics, Data lake, and XDR retention tiers to balance query performance against storage cost. Use Sentinel workbooks to visualise security data and apply SOC optimisation recommendations to remove gaps in coverage.
Microsoft Sentinel rolesdata retention for Analytics, Data lake, and XDR tiersMicrosoft Sentinel workbooksSOC optimization recommendations
More in this domain
Back to all Manage a Security Operations Environment objectives, or the SC-200 cert hub.
Examworthy is not affiliated with or endorsed by Microsoft. Original, blueprint-aligned practice material only.