The "SC-200: Microsoft Security Operations Analyst" course teaches how to investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender. It covers configuring and using Azure Sentinel, performing detection, analysis, and reporting with Kusto Query Language (KQL), and mitigating cyberthreats. Designed for Security Operations roles, this course prepares learners for the SC-200 exam.
The Microsoft Security Operations Analyst works closely with organizational stakeholders to secure IT systems, aiming to minimize risk by quickly addressing active threats, recommending improvements to threat protection practices, and reporting policy violations. This role involves threat management, monitoring, and response using various security solutions, including Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Analysts also play a key role in the configuration and deployment of these technologies.
At Course Completion: You will be able to:
Explain how Microsoft Defender for Endpoint can remediate risks and create a Defender for Endpoint environment.
Configure Attack Surface Reduction rules on Windows 10 devices and perform actions using Microsoft Defender for Endpoint.
Investigate domains, IP addresses, and user accounts in Microsoft Defender for Endpoint.
Configure alert settings and understand the evolving threat landscape.
Conduct advanced hunting and manage incidents in Microsoft 365 Defender.
Explain how Microsoft Defender for Identity can remediate risks and investigate DLP alerts in Microsoft Cloud App Security.
Configure auto-provisioning and remediate alerts in Azure Defender.
Construct and use KQL (Kusto Query Language) statements for filtering, extracting, and managing data.
Manage an Azure Sentinel workspace, including configuring Log Analytics agents, creating analytics rules and queries, and automating incident responses.
Use queries to hunt for threats and monitor them over time with livestream.
Prerequisites:
Basic understanding of Microsoft 365 and fundamental Microsoft security, compliance, and identity products.
Intermediate understanding of Windows 10.
Familiarity with Azure services, including Azure SQL Database, Azure Storage, Azure virtual machines, and virtual networking.
Basic understanding of scripting concepts.
SpireTec Solutions is an IT management training company enabled by the latest technology, specializing in 1500+ courses, with state-of-the-art training facilities backed by a team of industry experts in various domains, assuring best-quality services.
SpireTec provides 24x7 training and support for your training needs, is very adaptable to your time availability, and offers customized training programs according to your availability and the time zones of your contingent.
SpireTec aims for the personal and professional growth of you as an individual and of the corporate as a whole, providing training on the latest and updated versions in the designated domains.
It is preferable but not mandatory to have domain experience in the area in which you want to take training, supported by good English communication skills and, for remote training, a good Wi-Fi connection and a computer or laptop.
SpireTec aims to offer the finest, world-class training to participants by giving them proper counselling and a guided career path from our industry experts, which leads to guaranteed success for you in the corporate world.
We offer online training (1-1 and group training), classroom training, and onsite training with state-of-the-art facilities.