SC-200T00: Microsoft Security Operations Analyst

Master threat management with SC-200: Microsoft Security Operations Analyst training. Learn KQL for precise data querying and use Microsoft Sentinel, Defender for Endpoint, and Defender XDR to enhance cloud security. Prepare for the SC-200 course and certification as a skilled Security Operations Analyst, proficient in proactive threat detection and incident response.

Provider Information

Contact Information

NetCom Learning
1460 Broadway, 8th Floor, Room 8003
New York, NY 10036

Course Overview

Overall Proficiency Level
2 - Intermediate
Course Prerequisites

Intermediate understanding of Windows 10
Familiarity with Azure virtual machines and virtual networking
Basic understanding of Microsoft 365 and scripting concepts
Familiarity with Azure services, specifically Azure SQL Database and Azure Storage
Fundamental understanding of Microsoft security, compliance, and identity products

Training Purpose
Skill Development
Functional Development
Specific Audience
All
General Public
Contractor
Delivery Method
Classroom
Online, Instructor-Led
Online, Self-Paced
Course Location

8th Floor
Room 8003
New York, NY 10036

Learning Objectives

Explain and administer Microsoft Defender for Endpoint to remediate risks, configure attack surface reduction, and perform device actions.
Investigate domains, IP addresses, and user accounts to identify and contain potential threats.
Configure and manage alert settings in Microsoft 365 Defender while conducting proactive hunting and incident management.
Utilize Microsoft Defender for Identity to remediate risks and strengthen identity security across environments.
Investigate and remediate DLP and cloud security alerts using Microsoft Defender for Cloud Apps.
Manage insider risk cases and configure auto-provisioning to streamline security operations.
Write, filter, and refine KQL queries to extract and analyze event data effectively.
Manage a Microsoft Sentinel workspace, including watchlists, threat indicators, and data connectors.
Collect and analyze security telemetry by configuring Sysmon, Log Analytics agents, and connecting Azure VMs.
Create analytics rules, automate incident response with playbooks, and use queries and livestream for continuous threat hunting.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.
