👨‍🏫 Instructor-Led Training

SC-200: Microsoft Security Operations Analyst

Course Code: SC-200
Duration: 4 Days
Level: Intermediate
Category: IT Support and Administration

Course Overview

Equip yourself with the skills to detect, investigate, and respond to security threats with SC-200T00-A: Microsoft Security Operations Analyst, an instructor-led, hands-on course designed for security professionals. This course covers the latest tools and techniques to manage security operations using Microsoft Sentinel, Microsoft Defender, and other Microsoft security solutions. Learn to monitor security alerts, analyze incidents, and apply threat intelligence to protect your organization's infrastructure effectively. Perfect for security analysts looking to strengthen their expertise in Microsoft security operations and incident response.


Audience

  • Security Operations Analysts responsible for monitoring and responding to security threats

  • IT professionals and security engineers focused on threat detection and incident management

  • Security specialists aiming to enhance skills in Microsoft Sentinel, Defender, and security analytics

  • Organizations adopting Microsoft security solutions and seeking to improve their SOC capabilities


Course Outline

1. Introduction to Microsoft Security Operations

  • Overview of security operations and analyst responsibilities

  • Understanding Microsoft security solutions and ecosystem

2. Managing Security Alerts and Incidents

  • Configuring and managing alerts in Microsoft Sentinel

  • Investigating and triaging security incidents

  • Using threat intelligence to enrich incident analysis

3. Microsoft Defender for Endpoint and Identity

  • Monitoring and responding to endpoint threats

  • Managing identity and access security alerts

  • Integration between Defender and Sentinel for comprehensive security

4. Hunting and Investigation Techniques

  • Using hunting queries and notebooks in Microsoft Sentinel

  • Applying advanced analytics and custom detections

  • Collaborating with stakeholders during investigations

5. Automating Security Operations

  • Implementing playbooks and automation in Sentinel

  • Orchestrating response actions to improve efficiency

6. Reporting and Compliance

  • Generating reports for security posture and compliance

  • Best practices for continuous improvement in security operations


Note: This course includes 40% to 50% hands-on exercises to provide practical experience in managing and responding to security operations within Microsoft environments.

Hands-On Labs

This course includes practical, hands-on laboratory exercises to reinforce your learning:
