
SC-200: Security Operations Analyst Associate
Course Detail
Module: Mitigate threats using Microsoft 365 Defender (25–30%)
- Mitigate incidents using Microsoft Defender for Endpoint
- Mitigate incidents using Microsoft Defender for Office 365
- Mitigate incidents using Microsoft Defender for Identity
- Mitigate incidents using Microsoft Defender for Cloud Apps
- Analyze and interpret alerts from Microsoft 365 Defender
- Manage incidents across Microsoft 365 Defender
Module: Mitigate threats using Microsoft Defender for Cloud (20–25%)
- Plan and implement the use of Microsoft Defender for Cloud
- Configure Microsoft Defender for Cloud settings
- Manage security alerts in Microsoft Defender for Cloud
- Remediate security alerts and vulnerabilities
- Configure and interpret regulatory compliance in Defender for Cloud
- Recommend remediation for security issues across workloads
Module: Mitigate threats using Microsoft Sentinel (40–45%)
- Plan and implement Microsoft Sentinel workspace
- Connect Microsoft Sentinel to data sources
- Create and manage analytics rules
- Configure automation using playbooks
- Investigate incidents and hunt for threats
- Use queries to detect threats using KQL
- Analyze data using workbooks and notebooks
- Respond to incidents using automation
Module: Mitigate threats using third-party security solutions (5–10%)
- Integrate threat intelligence platforms
- Ingest data from third-party sources
- Monitor and respond to alerts using third-party tools
