Course Information

Microsoft Security Operations Analyst SC200 Course Outline

Module 1: Mitigate Threats Using Microsoft Defender

  • Introduction to Threat Protection with Microsoft 365
  • Mitigate Incidents Using Microsoft 365 Defender
  • Remediate Risks with Microsoft Defender for Office 365
  • Microsoft Defender for Identity
  • Azure AD Identity Protection
  • Microsoft Cloud App Security
  • Respond to Data Loss Prevention Alerts
  • Manage Insider Risk in Microsoft 365

Lab: Mitigate Threats Using Microsoft Defender

  • Explore Microsoft 365 Defender

Module 2: Mitigate Threats Using Microsoft 365 Defender for Endpoint

  • Protect Against Threats with Microsoft Defender for Endpoint
  • Deploy the Microsoft Defender for Endpoint Environment
  • Implement Windows 10 Security Enhancements
  • Perform Device Investigations
  • Perform Actions on a Device
  • Perform Evidence and Entities Investigations
  • Configure for Alerts and Detections
  • Manage Insider Risk in Microsoft 365
  • Utilise Threat and Vulnerability Management

Lab: Mitigate Threats Using Microsoft 365 Defender for Endpoint

  • Deploy Microsoft Defender for Endpoint
  • Mitigate Attacks Using Defender for Endpoint

Module 3: Mitigate Threats Using Azure Defender

  • Plan for Cloud Workload Protections Using Azure Defender
  • Explain Cloud Workload Protections in Azure Defender
  • Connect Azure Assets to Azure Defender
  • Connect Non-Azure Resources to Azure Defender
  • Remediate Security Alerts Using Azure Defender

Lab: Mitigate Threats Using Azure Defender

  • Deploy Azure Defender
  • Mitigate Attacks with Azure Defender

Module 4: Create Queries for Azure Sentinel Using Kusto Query Language (KQL)

  • Construct KQL Statements for Azure Sentinel
  • Analyse Query Results Using KQL
  • Build Multi-Table Statements Using KQL
  • Work with Data in Azure Sentinel Using Kusto Query Language

Lab: Create Queries for Azure Sentinel Using Kusto Query Language (KQL)

  • Construct Basic KQL Statements
  • Analyse Query Results Using KQL
  • Build Multi-Table Statements in KQL
  • Work with String Data in KQL

Module 5: Configure Your Azure Sentinel Environment

  • Introduction to Azure Sentinel
  • Create and Manage Azure Sentinel Workspaces
  • Query Logs in Azure Sentinel
  • Use Watchlists in Azure Sentinel
  • Utilise Threat Intelligence in Azure Sentinel

Lab: Configure Your Azure Sentinel Environment

  • Create an Azure Sentinel Workspace
  • Create a Watchlist
  • Create a Threat Indicator

Module 6: Connect Logs to Azure Sentinel

  • Connect Data to Azure Sentinel Using Data Connectors
  • Connect Microsoft Services to Azure Sentinel
  • Connect Microsoft 365 Defender to Azure Sentinel
  • Connect Windows Hosts to Azure Sentinel
  • Connect Common Event Format Logs to Azure Sentinel
  • Connect Syslog Data Sources to Azure Sentinel
  • Connect Threat Indicators to Azure Sentinel

Lab: Connect Logs to Azure Sentinel

  • Connect Data to Azure Sentinel Using Data Connectors
  • Connect Windows Devices to Azure Sentinel Using Data Connectors
  • Connect Linux Hosts to Azure Sentinel Using Data Connectors
  • Connect Threat Intelligence to Azure Sentinel Using Data Connectors

Module 7: Create Detections and Perform Investigations Using Azure Sentinel

  • Threat Detection with Azure Sentinel Analytics
  • Threat Response with Azure Sentinel Playbooks
  • Security Incident Management in Azure Sentinel
  • Use Entity Behaviour Analytics in Azure Sentinel
  • Query, Visualise, and Monitor Data in Azure Sentinel

Lab: Create Detections and Perform Investigations Using Azure Sentinel

  • Activate a Microsoft Security Rule
  • Create a Playbook
  • Create a Scheduled Query
  • Understand Detection Modelling
  • Conduct Attacks
  • Create Detections
  • Investigate Incidents
  • Create Workbooks

Module 8: Perform Threat Hunting in Azure Sentinel

  • Threat Hunting with Azure Sentinel
  • Hunt for Threats Using Notebooks in Azure Sentinel

Lab: Threat Hunting in Azure Sentinel

  • Perform Threat Hunting in Azure Sentinel
  • Threat Hunting Using Notebooks with Azure Sentinel

Prerequisites

To attend this Microsoft Security Operations Analyst SC200 training course, delegates should have a basic to intermediate understanding of Microsoft 365, Windows 10, Microsoft security, compliance, and identity products, familiarity with Azure services, Azure VMs and virtual networking, and scripting concepts.

Audience

This Microsoft Security Operations Analyst SC200 training course is ideal for anyone who wants to gain in-depth knowledge of cyber threat mitigation technologies. However, this training will be more beneficial for:

  • Microsoft Security Operations Analysts
  • Security Engineers

Microsoft Security Operations Analyst SC200 Course Overview

Microsoft Security Operations Analysts collaborate with organisational stakeholders to secure the organisation's IT infrastructure. Their goal is to reduce corporate risk by rapidly addressing current workplace attacks, consulting on threat prevention methods, and notifying relevant stakeholders about policy violations. Studying the Microsoft Security Operations Analyst SC200 training course will help learners effectively configure attack surface reduction rules on Windows 10 devices and observe threats over time with livestream. It will help individuals manage automation settings and indicators in Microsoft Defender for Endpoint. Attending this training will help learners expand their skills and pursue a variety of job opportunities.

This 4-day Microsoft Security Operations Analyst SC200 training course covers the essential topics delegates need to become familiar with Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender concepts. During this training, delegates will learn how to create queries for Azure Sentinel using Kusto Query Language (KQL). They will also learn how to configure alerts and detections, manage insider risk in Microsoft 365, utilise threat and vulnerability management, connect Windows hosts to Azure Sentinel, connect threat indicators to Azure Sentinel, and more. Our highly professional trainer, with years of experience teaching Microsoft courses, will conduct this training course and help delegates gain a comprehensive understanding of investigating, responding to, and hunting for threats using Microsoft 365 Defender, Microsoft Azure Sentinel, Azure Defender, and third-party security products.

This training will cover various essential topics, such as:

  • Microsoft Defender for Identity
  • Connect non-Azure resources to Azure Defender
  • Connect Microsoft 365 Defender to Azure Sentinel
  • Azure AD Identity Protection
  • Perform device investigations

After attending this Microsoft Security Operations Analyst SC200 training course, delegates will be able to conduct advanced hunting in Microsoft 365 Defender and investigate alerts in Microsoft Defender. They will also be able to perform evidence and entities investigations.

  • Delegate pack consisting of course notes and exercises
  • Manual
  • Experienced Instructor

Ways to take this course

Our easy-to-use virtual platform allows you to sit the course from home with a live instructor. You will follow the same schedule as the classroom course, and will be able to interact with the trainer and other delegates.

Our fully interactive online training platform is compatible across all devices and can be accessed from anywhere, at any time. All our online courses come with a standard 90 days access that can be extended upon request. Our expert trainers are constantly on hand to help you with any questions which may arise.

This is our most popular style of learning. We run courses in 1200 locations across 200 countries, in one of our hand-picked training venues, providing the all-important ‘human touch’ which may be missed in other learning styles.

Highly experienced trainers

All our trainers are highly qualified, have 10+ years of real-world experience and will provide you with an engaging learning experience.

State of the art training venues

We only use the highest standard of learning facilities to make sure your experience is as comfortable and distraction-free as possible.

Small class sizes

We limit our class sizes to promote better discussion and ensure everyone has a personalised experience.

Great value for money

Get more bang for your buck! If you find your chosen course cheaper elsewhere, we’ll match it!

This is the same great training as our classroom learning but carried out at your own business premises. This is the perfect option for larger scale training requirements and means less time away from the office.

Tailored learning experience

Our courses can be adapted to meet your individual project or business requirements regardless of scope.

Maximise your training budget

Cut unnecessary costs and focus your entire budget on what really matters, the training.

Team building opportunity

This gives your team a great opportunity to come together, bond, and discuss, which you may not get in a standard classroom setting.

Monitor employees' progress

Keep track of your employees’ progression and performance in your own workspace.

Frequently asked questions

This training course will provide you with in-depth knowledge of threat management, tracking, and response and help you gain an in-depth understanding of Microsoft 365 Defender, Azure Defender, Azure Sentinel, etc. It will help you to advance your skills, get a valuable credential, and increase your salary.

To attend this Microsoft Security Operations Analyst SC200 training course, delegates should have a basic to intermediate understanding of Microsoft 365, Windows 10, Microsoft security, compliance, and identity products, familiarity with Azure services, Azure VMs and virtual networking, and scripting concepts.

This Microsoft Security Operations Analyst SC200 training course is ideal for anyone who wants to gain in-depth knowledge of cyber threat mitigation technologies.

Yes, The Knowledge Academy is accredited by Microsoft to provide this training course.

Microsoft Azure Sentinel is a scalable Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) solution that runs in the cloud.

During this Microsoft Security Operations Analyst SC200 training course, you will learn various essential topics such as how to query, visualise, and monitor data in Azure Sentinel, connect Windows hosts to Azure Sentinel, respond to data loss prevention alerts, manage insider risk in Microsoft 365, and more.

The price for Microsoft Security Operations Analyst SC200 certification in the United Kingdom starts from £1495.

The Knowledge Academy is the leading global training provider in the world for Microsoft Security Operations Analyst SC200.

Why choose us

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

Many delivery methods

Flexible delivery methods are available depending on your learning style.

High quality resources

Resources are included for a comprehensive learning experience.

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

"...the trainer for this course was excellent. I would definitely recommend (and already have) this course to others."

Diane Gray, Shell

Looking for more information on Microsoft Security Engineer Training?

Get a custom course package

We may not have any package deals available including this course. If you enquire or give us a call on 01344 203999 and speak to our training experts, we should be able to help you with your requirements.