
SC-200 Microsoft Security Operations Analyst Course & SIMs

Get prepared for the SC-200 exam with instructor led labs and hands on simulations available 24/7


About This Course

We really hope you'll agree, this training is way more than the average course on Udemy!

Have access to the following:

  • Training from an instructor of over 20 years who has trained thousands of people and is also a Microsoft Certified Trainer
  • Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
  • Instructor led hands on activities and simulations to practice with, which can be followed even if you have little to no experience

TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:

Introduction

  • Welcome to the course
  • Understanding the Microsoft Environment
  • Foundations of Active Directory Domains
  • Foundations of RAS, DMZ, and Virtualization
  • Foundations of the Microsoft Cloud Services
  • DON'T SKIP: The first thing to know about Microsoft cloud services
  • DON'T SKIP: Azure AD is now renamed to Entra ID
  • Questions for John Christopher
  • Order of concepts covered in the course

Performing hands on activities

  • DON'T SKIP: Using Assignments in the course
  • Creating a free Microsoft 365 Account
  • Activating licenses for Defender for Endpoint and Vulnerabilities
  • Getting your free Azure credit
  • How to set up an Azure virtual machine for practicing hands on
  • Setting up Microsoft Entra for device management
  • How to join our test virtual machine to Microsoft Entra

Configure settings in Microsoft Defender XDR

  • Introduction to Microsoft 365 Defender
  • Concepts of the purpose of extended detection and response (XDR)
  • Microsoft Defender and Microsoft Purview admin centers
  • Concepts of management with Microsoft Defender for Endpoint
  • Setting up a Microsoft Defender Admin role for permissions
  • Onboarding to manage devices using Defender for Endpoint
  • Bulk automatic onboarding with Microsoft Intune
  • How to verify Windows devices have been onboarded
  • A note about extra features in your Defender for Endpoint
  • Incidents, alert notifications, and advanced features for endpoints
  • Review and respond to endpoint vulnerabilities

Manage assets and environments

  • Configure and manage device groups
  • Identify devices at risk using the Microsoft Defender Vulnerability Management
  • Overview of Microsoft Defender for Cloud
  • Manage resources by using Azure Arc
  • Connect environments to Microsoft Defender for Cloud (by using multi-cloud account management)
  • Identify unmanaged devices by using device discovery

Design and configure a Microsoft Sentinel workspace

  • Concepts of Microsoft Sentinel
  • Plan a Microsoft Sentinel workspace
  • Configure Microsoft Sentinel roles and specify Azure RBAC roles
  • Design and configure Microsoft Sentinel data storage, log types and log retention

Ingest data sources in Microsoft Sentinel

  • Identify data sources to be ingested for Microsoft Sentinel
  • Implement and use Content hub solutions
  • A note about Kusto Query Language (KQL)
  • Configure & use MS connectors for Azure, including Azure Policy & diagnostics
  • Plan and configure Azure Monitor Agent (AMA) and data collection rules
  • Plan and configure Syslog and Common Event Format (CEF) event collections
  • Collection of Windows Security events and Windows Event Forwarding (WEF)
  • Create custom log tables in the workspace to store ingested data
  • Configure Sentinel to ingest Azure and Entra ID data
  • Monitor and optimize data ingestion

Configure protections in Microsoft Defender security technologies

  • Plan and configure Microsoft Defender for Cloud settings
  • Configure Microsoft Defender for Cloud roles
  • Configure security policies including attack surface reduction (ASR) rules
  • Assess and recommend cloud workload protection and enable plans
  • Configure automated onboarding of Azure resources

Configure detection in Microsoft Defender XDR

  • Run an attack simulation email campaign in Microsoft 365 Defender
  • Identify threats by using Kusto Query Language (KQL)
  • Identify and remediate security risks by using Microsoft Secure Score
  • Analyze threat analytics in the Microsoft 365 Defender portal
  • Configure and manage custom detections and alerts

Configure detections in Microsoft Sentinel

  • Classify and analyze data by using entities
  • Concepts of Microsoft Sentinel analytics rules
  • Configure and manage analytics rules
  • Query Microsoft Sentinel data by using ASIM parsers
  • Implement behavioral analytics

Respond to alerts and incidents in Microsoft Defender XDR

  • Using policies to remediate threats with Email, Teams, SharePoint & OneDrive
  • Investigate, respond, and remediate threats with Defender for Office 365
  • Understanding data loss prevention (DLP) in Microsoft 365 Defender
  • Understanding Data loss prevention roles and permissions
  • Implement data loss prevention policies (DLP)
  • Adaptive Protection with data loss prevention
  • Policy and rule precedence in Data Loss Prevention
  • Understanding insider risk policies
  • Implement Insider Risk Management connectors
  • Generating an insider risk policy
  • Discover and manage apps by using Microsoft Defender for Cloud Apps
  • Identify, investigate, & remediate security risks by using Defender for Cloud Apps
  • Manage actions and submissions in the Microsoft 365 Defender portal

Respond to alerts and incidents identified by Microsoft Defender for Endpoint

  • Configure anomaly detection analytics rules
  • How to trigger some incidents using a client device for testing
  • Investigate timeline of compromised devices

Investigate Microsoft 365 activities

  • Understanding unified audit log licensing and requirements
  • Setting unified audit permissions and enabling support
  • Perform threat hunting by using unified audit log
  • Perform threat hunting by using Content Search
  • Perform threat hunting by using Microsoft Graph activity logs

Respond to incidents in Microsoft Sentinel

  • Investigate and remediate incidents in Microsoft Sentinel
  • Understanding automation rules and Microsoft Sentinel playbooks
  • Create and configure automation rules
  • Create and configure Microsoft Sentinel playbooks
  • Run playbooks on on-premises resources

Implement and use Microsoft Security Copilot

  • What is Copilot for Security?
  • Onboarding Copilot for Security
  • Create and use promptbooks
  • Manage sources for Copilot for Security, including plugins and files
  • Manage permissions and roles in Copilot for Security
  • Monitor Copilot for Security capacity and cost
  • Identify threats and risks by using Copilot for Security
  • Investigate incidents by using Copilot for Security

Hunt for threats by using Microsoft Defender XDR

  • Identify purposes of using Kusto Query Language (KQL)
  • Practicing with KQL in Microsoft's Demo environment
  • Searching for information using basic KQL syntax
  • Summarizing KQL results and filtering based on time ranges
  • Using KQL to display data based on columns, amounts and characters
  • Implementing variables and combining output data with KQL
  • Identify and interpret threat analytics by using KQL in Defender
  • Customizing hunting queries using Microsoft's Sentinel and Defender repository

Hunt for threats by using Microsoft Sentinel

  • Analyze attack vector coverage by using the MITRE ATT&CK matrix
  • Manage and use threat indicators
  • Create and manage hunts
  • Create and monitor hunting queries
  • Use hunting bookmarks for data investigations
  • Retrieve and manage archived log data
  • Create and manage search jobs

Create and configure Microsoft Sentinel workbooks

  • Activate and customize workbook templates
  • Create custom workbooks that include KQL
  • Configure visualizations

Conclusion

  • Cleaning up your lab environment
  • Getting a Udemy certificate
  • BONUS Where do I go from here?

What you'll learn:

  • Learn the concepts and perform hands on activities needed to pass the SC-200 exam
  • Gain a tremendous amount of knowledge involving securing Microsoft 365 and Azure Services
  • Get loads of hands on experience with Security Operations for Microsoft 365
  • Utilize hands on simulations that can be accessed anytime, anywhere!