% Off Udemy Coupon - CoursesWyn

SC-200: Microsoft Security Operations Analyst

Pass SC-200 | Hands-on experience in your own free Azure environment

$9.99 (92% OFF)

About This Course

This course contains the use of artificial intelligence.

SC-200: Microsoft Security Operations Analyst is a meticulously structured Udemy course aimed at IT professionals seeking to pass the SC-200 exam. This course systematically walks you from the initial setup through to advanced implementation with real-world applications.

By passing SC-200: Microsoft Security Operations Analyst, you're gaining proficiency in the highly recognized Microsoft security operations ecosystem.

The course is always aligned with Microsoft's latest study guide and exam objectives:

  • Manage a security operations environment (20–25%)
  • Configure protections and detections (15–20%)
  • Manage incident response (25–30%)
  • Manage security threats (15–20%)

Manage a security operations environment

Configure settings in Microsoft Defender XDR

  • Configure alert and vulnerability notification rules
  • Configure Microsoft Defender for Endpoint advanced features
  • Configure endpoint rules settings
  • Manage automated investigation and response capabilities in Microsoft Defender XDR
  • Configure automatic attack disruption in Microsoft Defender XDR

Manage assets and environments

  • Configure and manage device groups, permissions, and automation levels in Microsoft Defender for Endpoint
  • Identify unmanaged devices in Microsoft Defender for Endpoint
  • Discover unprotected resources by using Defender for Cloud
  • Identify and remediate devices at risk by using Microsoft Defender Vulnerability Management
  • Mitigate risk by using Exposure Management in Microsoft Defender XDR

Design and configure a Microsoft Sentinel workspace

  • Plan a Microsoft Sentinel workspace
  • Configure Microsoft Sentinel roles
  • Specify Azure RBAC roles for Microsoft Sentinel configuration
  • Design and configure Microsoft Sentinel data storage, including log types and log retention

Ingest data sources in Microsoft Sentinel

  • Identify data sources to be ingested for Microsoft Sentinel
  • Implement and use Content hub solutions
  • Configure and use Microsoft connectors for Azure resources, including Azure Policy and diagnostic settings
  • Plan and configure Syslog and Common Event Format (CEF) event collections
  • Plan and configure collection of Windows Security events by using data collection rules, including Windows Event Forwarding (WEF)
  • Create custom log tables in the workspace to store ingested data
  • Monitor and optimize data ingestion

Configure protections and detections

Configure protections in Microsoft Defender security technologies

  • Configure policies for Microsoft Defender for Cloud Apps
  • Configure policies for Microsoft Defender for Office 365
  • Configure security policies for Microsoft Defender for Endpoint, including attack surface reduction (ASR) rules
  • Configure cloud workload protections in Microsoft Defender for Cloud

Configure detections in Microsoft Defender XDR

  • Configure and manage custom detection rules
  • Manage alerts, including tuning, suppression, and correlation
  • Configure deception rules in Microsoft Defender XDR

Configure detections in Microsoft Sentinel

  • Classify and analyze data by using entities
  • Configure and manage analytics rules
  • Query Microsoft Sentinel data by using ASIM parsers
  • Implement behavioral analytics

Manage incident response

Respond to alerts and incidents in the Microsoft Defender portal

  • Investigate and remediate threats by using Microsoft Defender for Office 365
  • Investigate and remediate ransomware and business email compromise incidents identified by automatic attack disruption
  • Investigate and remediate compromised entities identified by Microsoft Purview data loss prevention (DLP) policies
  • Investigate and remediate threats identified by Microsoft Purview insider risk policies
  • Investigate and remediate alerts and incidents identified by Microsoft Defender for Cloud workload protections
  • Investigate and remediate security risks identified by Microsoft Defender for Cloud Apps
  • Investigate and remediate compromised identities that are identified by Microsoft Entra ID
  • Investigate and remediate security alerts from Microsoft Defender for Identity

Respond to alerts and incidents identified by Microsoft Defender for Endpoint

  • Investigate device timelines
  • Perform actions on the device, including live response and collecting investigation packages
  • Perform evidence and entity investigation

Investigate Microsoft 365 activities

  • Investigate threats by using the unified audit log
  • Investigate threats by using Content Search
  • Investigate threats by using Microsoft Graph activity logs

Respond to incidents in Microsoft Sentinel

  • Investigate and remediate incidents in Microsoft Sentinel
  • Create and configure automation rules
  • Create and configure Microsoft Sentinel playbooks
  • Run playbooks on on-premises resources

Implement and use Copilot for Security

  • Create and use promptbooks
  • Manage sources for Copilot for Security, including plugins and files
  • Integrate Copilot for Security by implementing connectors
  • Manage permissions and roles in Copilot for Security
  • Monitor Copilot for Security capacity and cost
  • Identify threats and risks by using Copilot for Security
  • Investigate incidents by using Copilot for Security

Manage security threats

Hunt for threats by using Microsoft Defender XDR

  • Identify threats by using Kusto Query Language (KQL)
  • Interpret threat analytics in the Microsoft Defender portal
  • Create custom hunting queries by using KQL

Hunt for threats by using Microsoft Sentinel

  • Analyze attack vector coverage by using the MITRE ATT&CK matrix
  • Manage and use threat indicators
  • Create and manage hunts
  • Create and monitor hunting queries
  • Use hunting bookmarks for data investigations
  • Retrieve and manage archived log data
  • Create and manage search jobs

Create and configure Microsoft Sentinel workbooks

  • Activate and customize workbook templates
  • Create custom workbooks that include KQL
  • Configure visualizations

This course contains promotional materials.

What you'll learn:

  • Configure settings in Microsoft Defender XDR
  • Manage assets and environments
  • Design and configure a Microsoft Sentinel workspace
  • Ingest data sources in Microsoft Sentinel
  • Configure protections in Microsoft Defender security technologies
  • Configure detections in Microsoft Defender XDR
  • Configure detections in Microsoft Sentinel
  • Respond to alerts and incidents in Microsoft Defender XDR
  • Respond to alerts and incidents identified by Microsoft Defender for Endpoint
  • Enrich investigations by using other Microsoft tools
  • Manage incidents in Microsoft Sentinel
  • Configure security orchestration, automation, and response (SOAR) in Microsoft Sentinel
  • Hunt for threats by using KQL
  • Hunt for threats by using Microsoft Sentinel
  • Analyze and interpret data by using workbooks
  • Implement and use Copilot for Security