SC-200: Microsoft Security Operations Analyst

The Microsoft security operations analyst works with organizational stakeholders to secure the organization's information technology systems. Their mission is to reduce corporate risk by quickly resolving active attacks in the environment, advising on threat protection practices, and reporting policy violations to the proper stakeholders.

Their responsibilities include threat management, monitoring, and response using a variety of security technologies across their environment. Using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security tools, the role primarily investigates, responds to, and hunts for threats. Because security operations analysts consume the operational output of these solutions, they are key stakeholders in how the technologies are configured and implemented.

This course starts with module 1, mitigating threats using Microsoft 365 Defender, then moves on to module 2, mitigating threats using Microsoft Defender for Endpoint, and module 3, mitigating threats using Azure Defender. Module 4 covers creating queries for Azure Sentinel using Kusto Query Language (KQL), while module 5 covers configuring the Microsoft Sentinel environment.

Module 6 covers connecting logs to the Microsoft Sentinel environment. Module 7 then covers incidents, threat response, UEBA, and monitoring in the Microsoft Sentinel environment. The course wraps up with module 8, which explains how to perform threat hunting with Microsoft Sentinel.

By the end of the course, you will gain the requisite knowledge and confidence to pass the SC-200: Microsoft Security Operations Analyst Exam.

All resources to this course are placed here: https://github.com/PacktPublishing/SC-200-Microsoft-Security-Operations…

Type
video
publication date
2022-06-27
what you will learn

Define the capabilities of Microsoft Defender for Endpoint
Understand how to hunt threats within your network
Create a Microsoft Defender for Endpoint environment
Configure Microsoft Defender for Endpoint environment settings
Manage indicators in Microsoft Defender for Endpoint
Construct KQL statements

duration
781
key features
Identify vulnerabilities on your devices with Microsoft Defender for Endpoint
Explain how Microsoft Defender for Endpoint can remediate risks in your environment
Describe threat and vulnerability management in Microsoft Defender for Endpoint
approach
This course teaches the material the right way, with a large number of lab exercises. The course is designed and mapped exactly to the latest pattern and structure of the SC-200: Microsoft Security Operations Analyst Exam.
audience
This course is for participants aspiring to the SC-200 certification. It is designed for everyone who aspires to work in a modern SOC environment and for anyone who wants to learn the Microsoft 365 Defender suite of services.

A basic understanding of Microsoft 365 and foundational knowledge of computer networking will be beneficial.
meta description
Learn to implement the Microsoft Defender for Endpoint platform to detect, investigate, and respond to advanced threats.
short description
A carefully structured course loaded with lab exercises that will help you learn all about implementing the Microsoft Defender for Endpoint platform the right way. The course's learning path aligns with the SC-200: Microsoft Security Operations Analyst Exam.
subtitle
Become a Microsoft SOC engineer today by taking this course
keywords
SC-200, Microsoft Security Analysts, SOC engineer, Microsoft Defender, Microsoft Endpoint, KQL statements, Threat, Vulnerability management
Product ISBN
9781804611777