Microsoft Security Operations Analyst
$2795.00
Course ID: CS-10093
Duration (Days): 5.0
Please contact us for additional details and scheduling options.
This course provides Security Operations Analysts with the skills to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud. Participants will learn to mitigate cyberthreats by configuring and utilizing these technologies, with a focus on detection, analysis, and reporting using Kusto Query Language (KQL). Ideal for those preparing for the SC-200 exam, this course enhances the ability to manage and reduce organizational risk.
This course is designed to prepare Security Operations Analysts for the critical task of securing organizational information technology systems. Participants will gain hands-on experience with Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud, learning how to investigate, respond to, and hunt for cyberthreats. The course covers the configuration and deployment of these tools, ensuring that analysts can effectively mitigate threats and reduce organizational risk.
The curriculum includes in-depth training on using Kusto Query Language (KQL) to perform detailed detection, analysis, and reporting within Microsoft Sentinel. Participants will also explore how to protect identities, secure cloud apps, and manage endpoint security. This comprehensive course not only prepares learners for the SC-200: Microsoft Security Operations Analyst certification but also enhances their ability to rapidly remediate active attacks and advise on improvements to threat protection practices. Through practical lessons and real-world scenarios, students will develop the skills necessary to excel in a Security Operations role.
Course Outline
##### Module 1 - Mitigate threats using Microsoft Defender XDR
- Introduction to Microsoft Defender XDR Threat Protection
- Mitigate incidents using Microsoft 365 Defender
- Protect Your Identities with Microsoft Entra ID Protection
- Remediate Risks with Microsoft Defender for Office 365
- Safeguard Your Environment with Microsoft Defender for Identity
- Secure Your Cloud Apps and Services with Microsoft Defender for Cloud Apps
##### Module 2 - Mitigate threats using Microsoft Copilot for Security
- Fundamentals of Generative AI
- Describe Microsoft Copilot for Security
- Describe the Core Features of Microsoft Copilot for Security
- Describe the Embedded Experiences of Microsoft Copilot for Security
##### Module 3 - Mitigate threats using Microsoft Purview
- Respond to Data Loss Prevention Alerts using Microsoft 365
- Manage insider risk in Microsoft 365
- Search and Investigate with Microsoft Purview Audit
- Investigate Threats with Content Search in Microsoft Purview
##### Module 4 - Mitigate threats using Microsoft Defender for Endpoint
- Protect against threats with Microsoft Defender for Endpoint
- Deploy the Microsoft Defender for Endpoint environment
- Implement Windows security enhancements
- Perform device investigations
- Perform actions on a device
- Perform evidence and entities investigations
- Configure and manage automation
- Configure for alerts and detections
- Utilize Threat and Vulnerability Management
##### Module 5 - Mitigate threats using Microsoft Defender for Cloud
- Plan for cloud workload protections using Microsoft Defender for Cloud
- Workload protections in Microsoft Defender for Cloud
- Connect Azure assets to Microsoft Defender for Cloud
- Connect non-Azure resources to Microsoft Defender for Cloud
- Remediate security alerts using Microsoft Defender for Cloud
##### Module 6 - Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
- Construct KQL statements for Microsoft Sentinel
- Analyze query results using KQL
- Build multi-table statements using KQL
- Work with string data using KQL statements
##### Module 7 - Configure your Microsoft Sentinel environment
- Introduction to Microsoft Sentinel
- Create and manage Microsoft Sentinel workspaces
- Query logs in Microsoft Sentinel
- Use watchlists in Microsoft Sentinel
- Utilize threat intelligence in Microsoft Sentinel
##### Module 8 - Connect logs to Microsoft Sentinel
- Connect data to Microsoft Sentinel using data connectors
- Connect Microsoft services to Microsoft Sentinel
- Connect Microsoft 365 Defender to Microsoft Sentinel
- Connect Windows hosts to Microsoft Sentinel
- Connect Common Event Format logs to Microsoft Sentinel
- Connect syslog data sources to Microsoft Sentinel
- Connect threat indicators to Microsoft Sentinel
##### Module 9 - Create detections and perform investigations using Microsoft Sentinel
- Threat detection with Microsoft Sentinel analytics
- Security incident management in Microsoft Sentinel
- Threat response with Microsoft Sentinel playbooks
- User and entity behavior analytics in Microsoft Sentinel
- Query, visualize, and monitor data in Microsoft Sentinel
##### Module 10 - Perform threat hunting in Microsoft Sentinel
- Threat hunting concepts in Microsoft Sentinel
- Threat hunting with Microsoft Sentinel
- Hunt for threats using notebooks in Microsoft Sentinel