SC-200 Microsoft Security Operations Analyst
What you'll learn
- Explain how Microsoft Defender for Endpoint can remediate risks in your environment
- Create a Microsoft Defender for Endpoint environment
- Configure Attack Surface Reduction rules on Windows devices
- Configure alert settings in Microsoft Defender for Endpoint
- Conduct advanced hunting in Microsoft 365 Defender
- Manage incidents in Microsoft 365 Defender
- Investigate DLP alerts in Microsoft Defender for Cloud Apps
- Explain the types of actions you can take on an insider risk management case
- Configure Microsoft Defender for Cloud
- Remediate alerts in Microsoft Defender for Cloud
- Construct Kusto Query Language (KQL) statements
- Extract data from unstructured string fields using KQL
- Manage a Microsoft Sentinel workspace
- Use KQL to access the watchlist in Microsoft Sentinel
- Manage threat indicators in Microsoft Sentinel
- Configure different data sources in Microsoft Sentinel
Requirements
- Basic understanding of Microsoft 365
- Basic understanding of Microsoft security, compliance, and identity products
- Intermediate understanding of Windows 10/11
- Familiarity with Azure services
- Familiarity with Azure virtual machines and virtual networking
- Basic understanding of scripting concepts
Description
This course is a complete preparation for the SC-200 exam (including hands-on labs).
The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
Don't be left behind. Be ahead of the curve by getting certified as a Microsoft Security Operations Analyst, and be ready for the opportunity to advance your career in Cybersecurity.
The video lectures cover all SC-200 exam topics and include hands-on demonstrations of each topic.
The course has been structured to follow the exact official Microsoft training plan. So if you want to pass your exam on your first attempt, hit the enroll button now and you will get:
· Video lectures on each topic of the exam with demos that fully prepare you for your exam as well as ensuring you can administer all Microsoft security services and tools like a Pro
· Review questions at the end of each section (quiz) to test your knowledge of the topics learned in the section
· Labs at the end of each section. The labs follow the official Microsoft training labs and are designed so you can practice at your own pace when you aren't watching the videos. You will have step-by-step instructions available to complete each lab, as well as instructions to prepare your lab environment and deploy the necessary resources for the labs.
· Interactive pre-recorded demonstrations on some of the topics that cannot be covered in the lab environment
· Links to official Microsoft resources/blogs/videos for further documentation available for each lesson on each topic
This course curriculum follows Microsoft's SC-200 exam study areas:
· Mitigate threats using Microsoft 365 Defender (25-30%)
· Mitigate threats using Microsoft Defender for Cloud (25-30%)
· Mitigate threats using Microsoft Sentinel (40-45%)
Microsoft, Windows, Microsoft 365 and Microsoft Azure are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. This course is not certified, accredited, affiliated with, nor endorsed by Microsoft Corporation.
Who this course is for:
- Security Operations Analysts or anyone aspiring to work in this role
- Anyone working in IT with exposure to Security Operations
- Any IT enthusiast who wants to learn about Microsoft Security technologies
- Candidates for the SC-200 exam
Instructor
Technology is rapidly becoming a way of life, a way of work, a way in which everyone moves forward faster. Our courses were created on the basis that we could help people to become empowered by learning IT skills themselves, rather than having someone else tell them what to do.
IT New Courses gives people the depth of knowledge they need to get IT certifications that are in high demand for professional careers in the job market. Our goal is to always bring you the most up-to-date content needed to not only pass the exam, but also gain the real-world experience necessary to excel in your IT career.
IT New Courses brings you comprehensive yet concise video courses straight from the experts in the following areas:
- Cloud Computing and Environments
- Server Administration
- Networking
- Cyber Security
Our courses are created by professional instructors who are certified with the following:
- Microsoft Technology Associate: Windows Operating System Fundamentals
- Microsoft Technology Associate: Networking Fundamentals
- Microsoft Technology Associate: Windows Server® Administration Fundamentals
- Microsoft® Certified Solutions Associate: Windows 8 (MCSA)
- Microsoft® Certified Solutions Associate: Windows Server 2012 R2 / 2016 (MCSA)
- Server Virtualization with Windows Server Hyper-V and System Center (MCSA)
- Microsoft® Certified Solutions Expert: Cloud Platform and Infrastructure (MCSE)
- CompTIA Security+
- Microsoft Cyber Security Professional
- Certified Ethical Hacker (CEH v10)
- Microsoft Certified Azure Solutions Architect Expert