Exam SC-200: Microsoft Security Operations Analyst Course

Overview Schedule & Fees Course Benefits Student Feedback FAQ Course Modules

Microsoft Security Operations Analyst SC 200 Certification Training Course Overview

Enroll for 4-day Microsoft Security Operations Analyst certification SC 200 training course from Koenig Solutions accredited by Microsoft. This course provides threat management, monitoring, and response by using a variety of security solutions across their environment.

The role of the Microsoft Security Operations Analyst is to collaborate with organizational stakeholders to secure information technology systems for the organization and reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.

Through a blend of hands-on labs and interactive lectures, you will learn to investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products.

Target Audience:

Cloud Administrator.
IT Professional.
IT Security professional.
Microsoft Security Administrators
Network Administrators
Server Administrators

Learning Objectives:

After completing this course, you will be able to:

Mitigate threats using Microsoft 365 Defender
Mitigate threats using Azure Defender
Mitigate threats using Azure Sentinel

Test your current knowledge Qubits42

Exam SC-200: Microsoft Security Operations Analyst Course (Duration : 32 Hours) Download Course Contents

Live Virtual Classroom 1650

Group Training 01 - 04 Nov GTR 09:00 AM - 05:00 PM CST (8 Hours/Day) 06 - 09 Dec GTR 09:00 AM - 05:00 PM CST (8 Hours/Day)	1-on-1 Training (GTR) 4 Hours 8 Hours Week Days Weekend Start Time : At any time 12 AM 12 PM Training Schedule: GTR=Guaranteed to Run

Special Solutions for Corporate Clients! Click here

Hire Our Trainers! Click here

Recording Available only $99

Customers who bought this course also bought

AWS Certified Security Specialty Training and Certification Course

AZ-303 Microsoft Azure Architect Technologies Certification Training Course

AZ-500 Microsoft Azure Security Technologies Training Course

Azure Sentinel Certification Training Course

CCSP Certification Training Course

Microsoft Power BI Certification Training Course : Exam DA 100

AZ-104: Microsoft Azure Administrator Training Course

Microsoft 365 Security Administration Certification Training (MS-500T00-A)

Exam SC-400: Microsoft Information Protection Administrator

SC-900: Microsoft Security, Compliance, Identity Fundamentals Course

10% discount on 2nd course:

Course Modules

Module 1: Mitigate threats using Microsoft Defender for Endpoint

Protect against threats with Microsoft Defender for Endpoint
Deploy the Microsoft Defender for Endpoint environment
Implement Windows 10 security enhancements with Microsoft Defender for Endpoint
Manage alerts and incidents in Microsoft Defender for Endpoint
Perform device investigations in Microsoft Defender for Endpoint
Perform actions on a device using Microsoft Defender for Endpoint
Perform evidence and entities investigations using Microsoft Defender for Endpoint
Configure and manage automation using Microsoft Defender for Endpoint
Configure for alerts and detections in Microsoft Defender for Endpoint
Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint

Module 2: Mitigate threats using Microsoft 365 Defender

Introduction to threat protection with Microsoft 365
Mitigate incidents using Microsoft 365 Defender
Protect your identities with Azure AD Identity Protection
Remediate risks with Microsoft Defender for Office 365
Safeguard your environment with Microsoft Defender for Identity
Secure your cloud apps and services with Microsoft Cloud App Security
Respond to data loss prevention alerts using Microsoft 365
Manage insider risk in Microsoft 365

Module 3: Mitigate threats using Azure Defender

Plan for cloud workload protections using Azure Defender
Explain cloud workload protections in Azure Defender
Connect Azure assets to Azure Defender
Connect non-Azure resources to Azure Defender
Remediate security alerts using Azure Defender
Deploy Azure Defender
Mitigate Attacks with Azure Defender

Module 4: Create queries for Azure Sentinel using Kusto Query Language (KQL)

Construct KQL statements for Azure Sentinel
Analyze query results using KQL
Build multi-table statements using KQL
Work with data in Azure Sentinel using Kusto Query Language

Module 5: Configure your Azure Sentinel environment

Introduction to Azure Sentinel
Create and manage Azure Sentinel workspaces
Query logs in Azure Sentinel
Use watchlists in Azure Sentinel
Utilize threat intelligence in Azure Sentinel

Module 6: Connect logs to Azure Sentinel

Connect data to Azure Sentinel using data connector
Connect Microsoft services to Azure Sentinel
Connect Microsoft 365 Defender to Azure Sentinel
Connect Windows hosts to Azure Sentinel
Connect Common Event Format logs to Azure Sentinel
Connect syslog data sources to Azure Sentinel
Connect threat indicators to Azure Sentinel

Module 7: Create detections and perform investigations using Azure Sentinel

Threat detection with Azure Sentinel analytics
Threat response with Azure Sentinel playbooks
Security incident management in Azure Sentinel
Use entity behavior analytics in Azure Sentine
Query, visualize, and monitor data in Azure Sentinel

Module 8: Perform threat hunting in Azure Sentinel

Threat hunting with Azure Sentinel
Hunt for threats using notebooks in Azure Sentinel

Download Course Contents

Request More Information

Request a call back?

Course Prerequisites

Basic understanding of Microsoft 365
Fundamental understanding of Microsoft security, compliance, and identity products
Intermediate understanding of Windows 10
Familiarity with Azure services, specifically Azure SQL Database and Azure Storage
Familiarity with Azure virtual machines and virtual networking
Basic understanding of scripting concepts.