SC-200 Microsoft Security Operations Analyst
Price: on request
Duration
4 days
Location
Course Language English
Training Solutions Online Live
Professional IT security requires more than just individual tools. It calls for well-thought-out processes, continuous monitoring, and precise analysis of security events. Microsoft-based security operations combine these requirements in integrated platforms.
Key topics
- Central evaluation of security-related data.
- Handling alerts and incidents.
- Threat intelligence and attack detection.
- Use of Microsoft Sentinel.
- Automation of response steps.
- Operation of secure cloud and hybrid environments.
Prerequisites
Knowledge of IT systems, cloud services, and basic security principles is required.
Target audience
IT security professionals, administrators, SOC employees, and technically oriented roles with security responsibilities.
Structured security operations increase transparency and response speed. The content supports sustainable security operations that withstand current threats and reliably secure modern IT architectures.
- Threat protection in Microsoft 365
- Incident response with Microsoft 365 Defender
- Identity protection with Azure AD Identity Protection
- Risk mitigation with Microsoft Defender for Office 365
- Protect your environment with Microsoft Defender for Identity
- Securing cloud applications with Microsoft Defender for Cloud Apps
- Responding to data loss alerts in Microsoft 365
- Manage insider risks in Microsoft 365
- Protect with Microsoft Defender for Endpoint
- Deploying the Defender environment
- Implementing Windows security enhancements
- Performing device investigations
- Performing actions on devices
- Investigating evidence and entities
- Configuring and managing automation
- Setting up alerts and detections
- Using vulnerability management
- Plan protection for cloud workloads with Microsoft Defender for Cloud
- Connect Azure resources to Microsoft Defender for Cloud
- Connect non-Azure resources to Microsoft Defender for Cloud
- Manage cloud security posture management
- Explain cloud workload protection in Microsoft Defender for Cloud
- Resolve security alerts in Microsoft Defender for Cloud
- Create KQL statements for Microsoft Sentinel
- Analyze query results with KQL
- Create multi-table queries with KQL
- Edit data in Microsoft Sentinel with KQL
- Microsoft Sentinel Overview
- Microsoft Sentinel workspaces
- Querying logs in Microsoft Sentinel
- Using watchlists in Microsoft Sentinel
- Threat data in Microsoft Sentinel
- Connect data to Microsoft Sentinel using connectors
- Integrate Microsoft services into Microsoft Sentinel
- Connect Microsoft 365 Defender to Microsoft Sentinel
- Integrate Windows hosts into Microsoft Sentinel
- Connect Common Event Format logs to Microsoft Sentinel
- Integrate syslog data sources into Microsoft Sentinel
- Connect threat indicators to Microsoft Sentinel
- Detect threats with Microsoft Sentinel analytics
- Automation with Microsoft Sentinel
- Respond to threats with Sentinel playbooks
- Manage security incidents in Microsoft Sentinel
- Detect threats with entity behavior analytics
- Normalize data in Microsoft Sentinel
- Query, visualize, and monitor data in Microsoft Sentinel
- Managing content in Microsoft Sentinel
- Threat hunting concepts in Microsoft Sentinel
- Threat hunting in Microsoft Sentinel
- Using search jobs in Microsoft Sentinel
- Threat hunting with notebooks in Microsoft Sentinel
09:00 - 17:00