SC-200
Microsoft Security Operations Analyst
Duration: 4 Days
In this 4-day course, you will learn how to mitigate cyberthreats using the Microsoft security technologies listed under Topics Covered. Specifically, you will configure and use Azure Sentinel and use Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for exam SC-200: Microsoft Security Operations Analyst.
Topics Covered:
Microsoft Defender for Endpoint
→ Create, configure, and utilize Microsoft Defender for Endpoint to remediate risks.
→ Perform actions, investigate domains, user accounts, and manage alerts.
Threat Landscape and Advanced Hunting
→ Understand the evolving threat landscape.
→ Conduct advanced hunting in Microsoft 365 Defender.
→ Manage incidents in Microsoft 365 Defender.
Defender for Identity & Cloud App Security
→ Explain and utilize Microsoft Defender for Identity to mitigate risks.
→ Investigate DLP alerts in Microsoft Cloud App Security.
→ Manage insider risk management cases.
Azure Defender and Sentinel
→ Configure and remediate alerts in Azure Defender.
→ Utilize KQL for threat detection and management in Azure Sentinel.
→ Manage Azure Sentinel workspaces, threat indicators, and event connectors.
Sentinel Analytics and Threat Response
→ Use KQL to create analytics rules and queries in Azure Sentinel.
→ Create playbooks for incident response automation.
→ Monitor threats and conduct threat hunting over time using queries and livestream in Azure Sentinel.
Intended Audience:
SC-200
Microsoft Security Operations Analyst Intakes
Mode: VIRTUAL/CLASSROOM
Malaysia
Singapore
Thailand
Indonesia
Vietnam
Philippines
© 2024 TRAINOCATE MALAYSIA SDN BHD. ALL RIGHTS RESERVED