SC-5006: Enhance security operations by using Microsoft Security Copilot

Leaf Learning 365 - All Courses - Microsoft Technical Training Courses - SC-5006: Enhance security operations by using Microsoft Security Copilot

SC-5006: Enhance security operations by using Microsoft Security Copilot

Duration: 1 Day

Explore the transformative power of AI in security with Microsoft Security Copilot. This course starts by introducing you to the fundamental concepts of generative AI. The course then delves into the cutting-edge AI functionality of Microsoft Security Copilot that empowers analysts to respond to threats quickly, process signals at machine speed, and assess risk exposure more quickly than may otherwise be possible. Lastly, the course guides the learner through a series of simulation-based exercises that mimic real-world situations.

Audience Profile

This course is targeted to security professionals interested in getting started with Microsoft Security Copilot, including security analysts, security admins, and SOC managers.   The person taking this course is looking to familiarize themselves with the functionality of Microsoft Security Copilot in both the standalone and embedded experiences.  They should have working knowledge of security operations and incident response, experience with Microsoft security products and services, and is interested in learning how Microsoft Security Copilot, an AI-powered security analysis tool, can help them process security signals and respond to threats more quickly.

Course Content

Introduction to generative AI and agents

Generative AI powers applications that can create content, answer questions, and assist with tasks. In this module, you'll explore the fundamentals of generative AI, including large language models (LLMs), prompts, and AI agents.

  • Introduction
  • Large language models (LLMs)
  • Prompts
  • AI agents
  • Exercise - Explore generative AI agent scenarios

Describe Microsoft Security Copilot

Get acquainted with Microsoft Security Copilot. You're introduced to some basic terminology, how Microsoft Security Copilot processes prompts, the elements of an effective prompt, and how to enable the solution.

  • Get acquainted with Microsoft Security Copilot
  • Describe Microsoft Security Copilot terminology
  • Describe how Microsoft Security Copilot processes prompt requests
  • Describe the elements of an effective prompt
  • Describe how to enable Microsoft Security Copilot

Describe the core features of Microsoft Security Copilot

Microsoft Security Copilot has a rich set of features. Learn about available plugins, promptbooks, the ways you can export and share information from Copilot, and much more.

  • Describe the features available in the standalone experience of Microsoft Security Copilot
  • Describe the features available in a session of the standalone experience
  • Describe workspaces
  • Describe the Microsoft plugins available in Microsoft Security Copilot
  • Describe the non-Microsoft plugins supported by Microsoft Security Copilot
  • Describe custom promptbooks
  • Describe knowledge base connections

Describe the embedded experiences of Microsoft Security Copilot

Microsoft Security Copilot is accessible directly from some Microsoft security products. This is referred to as the embedded experience. Learn about the scenarios supported by the Copilot embedded experience in Microsoft’s security solutions.

  • Describe Copilot in Microsoft Defender XDR
  • Copilot in Microsoft Purview
  • Copilot in Microsoft Entra
  • Copilot in Microsoft Intune
  • Copilot in Microsoft Defender for Cloud (Preview)

Describe Microsoft Security Copilot agents

Automate threat detection and response with Microsoft Security Copilot agents—AI-powered tools that streamline cybersecurity operations, reduce manual workloads, and scale protection across your digital environment.

  • Describe Microsoft Security Copilot agents
  • Understand agent identities and permissions
  • Describe the Threat Intelligence Briefing Agent
  • Explore the Threat Intelligence Briefing Agent
  • Describe the Security Copilot agents in Microsoft Entra
  • Explore the Conditional Access Optimization Agent
  • Describe the Security Copilot agents in Microsoft Defender
  • Describe the Security Copilot agents in Microsoft Purview
  • Describe the Security Copilot agents in Microsoft Intune
  • Build your own agents

Explore use cases of Microsoft Security Copilot

Explore use cases of Microsoft Security Copilot in the standalone and embedded experiences, through lab-like exercises.

  • Explore the first run experience
  • Explore the standalone experience
  • Explore Security Copilot workspaces
  • Configure the Microsoft Sentinel plugin
  • Enable a custom plugin
  • Explore file uploads as a knowledge base
  • Create a custom promptbook
  • Explore the capabilities of Copilot in Microsoft Defender XDR
  • Explore the capabilities of Copilot in Microsoft Purview
  • Explore the capabilities of Copilot in Microsoft Entra

Labs/Hands-On Exercises

This class has hands-on labs provided by Go Deploy.