Course
Microsoft Security Operations Analyst – Flexible Training («SC200V»)
SC-200
Course facts
- Managing a security operations environment
- Configuring protections and detections
- Managing incident response
- Performing threat hunting
In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Azure Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.
1 Mitigate threats using Microsoft Defender XDR
Analyze threat data across domains and rapidly remediate threats with built-in orchestration and automation in Microsoft Defender XDR.
2 Mitigate threats using Microsoft Copilot for Security
Get started with Microsoft Copilot for Security. You're introduced to basic terminology, how Microsoft Copilot for Security processes prompts, the elements of an effective prompt, and how to enable the solution.
3 Mitigate threats using Microsoft Purview
In this Learning Path we focus on Microsoft Purview's risk and compliance solutions that assist security operations analysts detect threats to organizations and identify, classify, and protect sensitive data, as well as monitor and report on compliance.
4 Mitigate threats using Microsoft Defender for Endpoint
Implement the Microsoft Defender for Endpoint platform to detect, investigate, and respond to advanced threats.
5 Mitigate threats using Microsoft Defender for Cloud
Use Microsoft Defender for Cloud, for Azure, hybrid cloud, and on-premises workload protection and security.
6 Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
Write Kusto Query Language (KQL) statements to query log data to perform detections, analysis, and reporting in Microsoft Sentinel. This learning path will focus on the most used operators. The example KQL statements will showcase securityrelated table queries.
7 Configure your Microsoft Sentinel environment
Get started with Microsoft Sentinel by properly configuring the Microsoft Sentinel workspace.
8 Connect logs to Microsoft Sentinel
Connect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds to Microsoft Sentinel.
9 Create detections and perform investigations using Microsoft Sentinel
Detect previously uncovered threats and rapidly remediate threats with built-in orchestration and automation in Microsoft Sentinel.
10 Perform threat hunting in Microsoft Sentinel
Proactively hunt for security threats using the Microsoft Sentinel powerful threat hunting tools.
Digicomp Flexible Learning Approach:
- Training modality: During a period of 4 weeks, 6-8 half-day (3h each) virtual live sessions with our Azure MCT experts will take place. The sessions are already planned and can be easily combined with the daily work routine. Between the sessions there is enough time to process the learned knowledge.
- Detailed Session Plan: Click «Timetable» at the bottom of the page where you select your desired date.
- Basic understanding of Microsoft 365
- Intermediate understanding of Windows 10 devices
- Fundamental understanding of Microsoft security, compliance, and identity products
- Working knowledge of Microsoft security, compliance, and identity products
- Working knowledge of security operations and incident response
- Familiarity with Azure services, specifically Azure SQL Database and Azure Storage
- Familiarity with Azure virtual machines and virtual networking
- Basic understanding of scripting concepts
Basic knowledge gained in the following course is recommended:
- Exam: «SC-200: Microsoft Security Operations Analyst (beta)» for the
- Certification: «Microsoft Certified: Security Operations Analyst Associate»