SC-200 Microsoft Security Operations Analyst Course SIMs
- IT & Software
- Nov 30, 2024

SC-200 Microsoft Security Operations Analyst Course & SIMs is available at $19.99. It has 112 lectures, an average rating of 4.58 based on 726 reviews, and 5254 subscribers.
You will learn the concepts and perform the hands-on activities needed to pass the SC-200 exam, gain a tremendous amount of knowledge about securing Microsoft 365 and Azure services, get loads of hands-on experience with Security Operations for Microsoft 365, and use hands-on simulations that can be accessed anytime, anywhere. This course is ideal for IT people interested in learning and passing the Microsoft SC-200 exam, or people interested in learning a tremendous amount about Security Operations for Microsoft 365.
Summary
Title: SC-200 Microsoft Security Operations Analyst Course & SIMs
Price: $19.99
Average Rating: 4.58
Number of Lectures: 112
Number of Published Lectures: 109
Number of Curriculum Items: 124
Number of Published Curriculum Objects: 121
Original Price: $69.99
Quality Status: approved
Status: Live
We really hope you’ll agree, this training is way more than the average course on Udemy!
Have access to the following:
Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
Instructor led hands on and simulations to practice that can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:
Introduction
Welcome to the course
Understanding the Microsoft Environment
Foundations of Active Directory Domains
Foundations of RAS, DMZ, and Virtualization
Foundations of the Microsoft Cloud Services
DONT SKIP: The first thing to know about Microsoft cloud services
DONT SKIP: Azure AD is now renamed to Entra ID
Questions for John Christopher
Order of concepts covered in the course
Performing hands on activities
DONT SKIP: Using Assignments in the course
Creating a free Microsoft 365 Account
Activating licenses for Defender for Endpoint and Vulnerabilities
Getting your free Azure credit
Configure settings in Microsoft Defender XDR
Introduction to Microsoft 365 Defender
Concepts of the purpose of extended detection and response (XDR)
Microsoft Defender and Microsoft Purview admin centers
Concepts of Microsoft Sentinel
Concepts of management with Microsoft Defender for Endpoint
Manage assets and environments
Setup a Windows 11 virtual machine endpoint
Enrolling to Intune for attack surface reduction (ASR) support
Onboarding to manage devices using Defender for Endpoint
A note about extra features in your Defender for Endpoint
Incidents, alert notifications, and advanced feature for endpoints
Review and respond to endpoint vulnerabilities
Recommend attack surface reduction (ASR) for devices
Configure and manage device groups
Overview of Microsoft Defender for Cloud
Identify devices at risk using the Microsoft Defender Vulnerability Management
Manage endpoint threat indicators
Identify unmanaged devices by using device discovery
Design and configure a Microsoft Sentinel workspace
Plan a Microsoft Sentinel workspace
Configure Microsoft Sentinel roles
Design and configure Microsoft Sentinel data storage, log types and log retention
Ingest data sources in Microsoft Sentinel
Identify data sources to be ingested for Microsoft Sentinel
Configure and use MS Sentinel connectors, Azure Policy & diagnostic settings
Configure Microsoft Sentinel connectors for MS 365 Defender & Defender for Cloud
Design and configure Syslog and Common Event Format (CEF) event collections
Design and configure Windows security event collections
Configure threat intelligence connectors
Create custom log tables in the workspace to store ingested data
Configure protections in Microsoft Defender security technologies
Plan and configure Microsoft Defender for Cloud settings
Configure Microsoft Defender for Cloud roles
Assess and recommend cloud workload protection and enable plans
Configure automated onboarding of Azure resources
Connect multi-cloud resources by using Environment settings
Configure detection in Microsoft Defender XDR
Setup a simulation lab using Microsoft 365 Defender
Run an attack against a device in the simulation lab
Manage incidents & automated investigations in the Microsoft 365 Defender portal
Run an attack simulation email campaign in Microsoft 365 Defender
Manage actions and submissions in the Microsoft 365 Defender portal
Identify threats by using Kusto Query Language (KQL)
Identify and remediate security risks by using Microsoft Secure Score
Analyze threat analytics in the Microsoft 365 Defender portal
Configure and manage custom detections and alerts
Configure detections in Microsoft Sentinel
Concepts of Microsoft Sentinel analytics rules
Configure the Fusion rule
Configure Microsoft security analytics rules
Configure built-in scheduled query rules
Configure custom scheduled query rules
Configure near-real-time (NRT) analytics rules
Manage analytics rules from Content hub
Manage and use watchlists
Manage and use threat indicators
Respond to alerts and incidents in Microsoft Defender XDR
Using policies to remediate threats with Email, Teams, SharePoint & OneDrive
Investigate, respond, and remediate threats with Defender for Office 365
Understanding data loss prevention (DLP) in Microsoft 365 Defender
Implement data loss prevention policies (DLP) to respond and alert
Investigate & respond to alerts generated by data loss prevention (DLP) policies
Understanding insider risk policies
Generating an insider risk policy
Investigate and respond to alerts generated by insider risk policies
Discover and manage apps by using Microsoft Defender for Cloud Apps
Identify, investigate, & remediate security risks by using Defender for Cloud Apps
Respond to alerts and incidents identified by Microsoft Defender for Endpoint
Configure User and Entity Behavior Analytics settings
Investigate threats by using entity pages
Configure anomaly detection analytics rules
Enrich investigations by using other Microsoft tools
Understanding unified audit log licensing and requirements
Setting unified audit permissions and enabling support
Perform threat hunting by using unified audit log
Perform threat hunting by using Content Search
Manage incidents in Microsoft Sentinel
Configure an incident generation
Triage incidents in Microsoft Sentinel
Investigate incidents in Microsoft Sentinel
Respond to incidents in Microsoft Sentinel
Investigate multi-workspace incidents
Configure security orchestration, automation, and response (SOAR) in Microsoft Sentinel
Create and configure automation rules
Create and configure Microsoft Sentinel playbooks
Configure analytic rules to trigger automation rules
Trigger playbooks from alerts and incidents
Hunt for threats by using KQL
Identify threats by using Kusto Query Language (KQL)
Interpret threat analytics in the Microsoft Defender portal
Create custom hunting queries by using KQL
Hunt for threats by using Microsoft Sentinel
Analyze attack vector coverage by using MITRE ATT&CK in Microsoft Sentinel
Customize content gallery hunting queries
Create custom hunting queries
Use hunting bookmarks for data investigations
Monitor hunting queries by using Livestream
Retrieve and manage archived log data
Create and manage search jobs
Respond to alerts and incidents in Microsoft Defender for Cloud
Set up email notifications
Create and manage alert suppression rules
Design and configure workflow automation in Microsoft Defender for Cloud
Generate sample alerts and incidents in Microsoft Defender for Cloud
Remediate alerts and incidents by using MS Defender for Cloud recommendations
Manage security alerts and incidents
Analyze Microsoft Defender for Cloud threat intelligence reports
Analyze and interpret data by using workbooks
Activate and customize Microsoft Sentinel workbook templates
Create custom workbooks
Configure advanced visualizations
Conclusion
Cleaning up your lab environment
Getting a Udemy certificate
BONUS Where do I go from here?
Course Curriculum
Chapter 1: Introduction
Lecture 1: Welcome to the course!
Lecture 2: Understanding the Microsoft Environment
Lecture 3: Foundations of Active Directory Domains
Lecture 4: Foundations of RAS, DMZ, and Virtualization
Lecture 5: Foundations of the Microsoft Cloud Services
Lecture 6: Udemy for B Students
Lecture 7: DONT SKIP: The first thing to know about Microsoft cloud services
Lecture 8: DONT SKIP: Azure AD is now renamed to Entra ID
Lecture 9: Questions for John Christopher
Lecture 10: Order of concepts covered in the course
Lecture 11: Certificate of Completion
Chapter 2: Performing hands on activities
Lecture 1: DONT SKIP: Using Assignments in the course
Lecture 2: DONT SKIP: Before beginning your account setup
Lecture 3: Creating a free Microsoft 365 Account
Lecture 4: Getting your free Azure credit
Chapter 3: Configure settings in Microsoft Defender XDR
Lecture 1: Introduction to Microsoft 365 Defender XDR
Lecture 2: Concepts of the purpose of extended detection and response (XDR)
Lecture 3: Microsoft Defender and Microsoft Purview admin centers
Lecture 4: Concepts of Microsoft Sentinel
Lecture 5: Configure a connection from Defender XDR to a Sentinel workspace
Lecture 6: Concepts of management with Microsoft Defender for Endpoint
Lecture 7: Setup a Windows 11 virtual machine endpoint
Lecture 8: Enrolling to Intune for attack surface reduction (ASR) support
Lecture 9: Onboarding to manage devices using Defender for Endpoint
Lecture 10: A note about extra features in your Defender for Endpoint
Lecture 11: Incidents, alert notifications rules and advanced feature for endpoints
Lecture 12: Review and respond to endpoint vulnerabilities
Lecture 13: Recommend attack surface reduction (ASR) for devices
Chapter 4: Manage assets and environments
Lecture 1: Configure and manage device groups
Lecture 2: Identify devices at risk using the Microsoft Defender Vulnerability Management
Lecture 3: Overview of Microsoft Defender for Cloud
Lecture 4: Manage resources by using Azure Arc
Lecture 5: Connect environments to Microsoft Defender for Cloud (by using multi-cloud)
Lecture 6: Manage endpoint threat indicators
Lecture 7: Identify unmanaged devices by using device discovery
Chapter 5: Design and configure a Microsoft Sentinel workspace
Lecture 1: Plan a Microsoft Sentinel workspace
Lecture 2: Configure Microsoft Sentinel roles & specify Azure RBAC roles for Sentinel
Lecture 3: Design and configure Microsoft Sentinel data storage, log types and log retention
Chapter 6: Ingest data sources in Microsoft Sentinel
Lecture 1: Identify data sources to be ingested for Microsoft Sentinel
Lecture 2: Configure and use MS Sentinel connectors, Azure Policy & diagnostic settings
Lecture 3: Configure Microsoft Sentinel connectors for MS 365 Defender & Defender for Cloud
Lecture 4: Design and configure Syslog and Common Event Format (CEF) event collections
Lecture 5: Design and configure Windows security event collections
Lecture 6: Configure threat intelligence connectors
Lecture 7: Create custom log tables in the workspace to store ingested data
Chapter 7: Configure protections in Microsoft Defender security technologies
Lecture 1: Plan and configure Microsoft Defender for Cloud settings
Lecture 2: Configure Microsoft Defender for Cloud roles
Lecture 3: Assess and recommend cloud workload protection and enable plans
Lecture 4: Configure automated onboarding of Azure resources
Chapter 8: Configure detection in Microsoft Defender XDR
Lecture 1: WARNING: Defender for Endpoint Lab now deprecated
Lecture 2: Setup a simulation lab using Microsoft 365 Defender
Lecture 3: Run an attack against a device in the simulation lab
Lecture 4: Manage incidents & automated investigations in the Microsoft 365 Defender portal
Lecture 5: Run an attack simulation email campaign in Microsoft 365 Defender
Lecture 6: Manage actions and submissions in the Microsoft 365 Defender portal
Lecture 7: Identify and remediate security risks by using Microsoft Secure Score
Lecture 8: Analyze threat analytics in the Microsoft 365 Defender portal
Lecture 9: Configure and manage custom detections and alerts
Chapter 9: Configure detections in Microsoft Sentinel
Lecture 1: Concepts of Microsoft Sentinel analytics rules
Lecture 2: Configure the Fusion rule
Lecture 3: Configure Microsoft security analytics rules
Lecture 4: Configure built-in scheduled query rules
Lecture 5: Configure custom scheduled query rules
Lecture 6: Configure near-real-time (NRT) analytics rules
Lecture 7: Manage analytics rules from Content hub
Lecture 8: Manage and use watchlists
Lecture 9: Manage and use threat indicators
Chapter 10: Respond to alerts and incidents in Microsoft Defender XDR
Lecture 1: Using policies to remediate threats with Email, Teams, SharePoint & OneDrive
Lecture 2: Investigate, respond, and remediate threats with Defender for Office 365
Lecture 3: Understanding data loss prevention (DLP) in Microsoft 365 Defender
Lecture 4: Implement data loss prevention policies (DLP) to respond and alert
Lecture 5: Investigate & respond to alerts generated by data loss prevention (DLP) policies
Lecture 6: Understanding insider risk policies
Lecture 7: Generating an insider risk policy
Lecture 8: Investigate and respond to alerts generated by insider risk policies
Lecture 9: Discover and manage apps by using Microsoft Defender for Cloud Apps
Lecture 10: Identify, investigate, & remediate security risks by using Defender for Cloud App
Chapter 11: Respond to alerts and incidents identified by Microsoft Defender for Endpoint
Lecture 1: Configure User and Entity Behavior Analytics settings
Lecture 2: Investigate threats by using entity pages
Lecture 3: Configure anomaly detection analytics rules
Chapter 12: Enrich investigations by using other Microsoft tools
Instructors

John Christopher
IT Engineer and Trainer for 25 Years in the industry
Frequently Asked Questions
How long do I have access to the course materials?
You can view and review the lecture materials indefinitely, like an on-demand channel.
Can I take my courses with me wherever I go?
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don’t have an internet connection, some instructors also let their students download course lectures. That’s up to the instructor though, so make sure you get on their good side!