Microsoft Security Operations Analyst (SC-200)
Training at a glance
- Level: Intermediate
- Duration: 4 Days
- Experience: 1 year: Microsoft
- Average Salary: $135,000
- Labs: Yes
Training Details
Mitigate threats across endpoints, identity, email, and cloud apps using the Microsoft Defender XDR suite.
Configure and utilize Microsoft Sentinel (SIEM) for log ingestion, alert creation, and incident investigation.
Perform advanced threat hunting using Kusto Query Language (KQL) and specialized Sentinel tools.
Manage and mitigate risks related to information protection, data loss, and insider threats using Microsoft Purview.
Understand and utilize Microsoft Security Copilot for faster threat analysis and response leveraging Generative AI.
- Introduction to Microsoft Defender XDR threat protection
- Mitigate incidents using Microsoft Defender
- Remediate risks with Microsoft Defender for Office 365
- Manage Microsoft Entra Identity Protection
- Safeguard your environment with Microsoft Defender for Identity
- Secure your cloud apps and services with Microsoft Defender for Cloud Apps
Module 2: Mitigate threats using Microsoft Security Copilot
- Fundamentals of Generative AI
- Describe Microsoft Security Copilot
- Describe the core features of Microsoft Security Copilot
- Describe the embedded experiences of Microsoft Security Copilot
- Explore use cases of Microsoft Security Copilot
Module 3: Mitigate threats using Microsoft Purview
- Respond to data loss prevention alerts using Microsoft 365
- Manage insider risk in Microsoft Purview
- Search and investigate with Microsoft Purview Audit
- Investigate threats with Content search in Microsoft Purview
Module 4: Mitigate threats using Microsoft Defender for Endpoint
- Protect against threats with Microsoft Defender for Endpoint
- Deploy the Microsoft Defender for Endpoint environment
- Implement Windows security enhancements with Microsoft Defender for Endpoint
- Perform device investigations in Microsoft Defender for Endpoint
- Perform actions on a device using Microsoft Defender for Endpoint
- Perform evidence and entities investigations
- Configure and manage automation
- Configure alerts and detections
- Utilize Vulnerability Management
Module 5: Mitigate threats using Microsoft Defender for Cloud
- Plan for cloud workload protections
- Connect Azure assets to Microsoft Defender for Cloud
- Connect non-Azure resources
- Manage cloud security posture
- Explain cloud workload protections
- Remediate security alerts
Module 6: Create queries for Microsoft Sentinel using KQL
- Construct KQL statements
- Analyze query results
- Build multi-table statements
- Work with data in Microsoft Sentinel using KQL
Module 7: Configure your Microsoft Sentinel environment
- Introduction to Microsoft Sentinel
- Create and manage Sentinel workspaces
- Query logs
- Use watchlists
- Utilize threat intelligence
- Integrate Microsoft Defender XDR with Sentinel
Module 8: Connect logs to Microsoft Sentinel
- Connect data using data connectors
- Connect Microsoft services
- Connect Microsoft Defender XDR
- Connect Windows hosts
- Connect Common Event Format logs
- Connect syslog data sources
- Connect threat indicators
Module 9: Create detections and perform investigations using Microsoft Sentinel
- Threat detection with analytics
- Automation in Sentinel
- Threat response with playbooks
- Security incident management
- Identify threats with Behavioral Analytics
- Data normalization in Microsoft Sentinel
- Query, visualize, and monitor data in Microsoft Sentinel
- Manage content in Microsoft Sentinel
Module 10: Perform threat hunting in Microsoft Sentinel
- Explain threat hunting concepts in Microsoft Sentinel
- Threat hunting with Microsoft Sentinel
- Use Search jobs in Microsoft Sentinel
- Hunt for threats using notebooks in Microsoft Sentinel
- Microsoft Azure
- Microsoft 365 services and workloads
- Active Directory Domain Services (AD DS)
- PowerShell and Kusto Query Language (KQL)