
Course dates:

06.12.2021 - 09.12.2021


SC-200 Microsoft Security Operations Analyst

Course duration: 4 days
Price: 2899 zł net

PROFESSIONAL CERTIFICATIONS

FUNDAMENTALS: foundational certification
ASSOCIATE: specialist certification
EXPERT: expert certification

 


TRAINING LEVEL

100: basic
200: intermediate
300: advanced
400: expert

 

COURSE TOPICS

  • Module 1: Mitigate threats using Microsoft Defender
    Introduction to threat protection with Microsoft 365
    Mitigate incidents using Microsoft 365 Defender
    Remediate risks with Microsoft Defender for Office 365
    Microsoft Defender for Identity
    Azure AD Identity Protection
    Microsoft Cloud App Security
    Respond to data loss prevention alerts
    Manage insider risk in Microsoft 365
    Lab : Mitigate threats using Microsoft Defender

 

  • Module 2: Mitigate threats using Microsoft 365 Defender for Endpoint
    Protect against threats with Microsoft Defender for Endpoint
    Deploy the Microsoft Defender for Endpoint environment
    Implement Windows 10 security enhancements
    Perform device investigations
    Perform actions on a device
    Perform evidence and entities investigations
    Configure for alerts and detections
    Manage insider risk in Microsoft 365
    Utilize Threat and Vulnerability Management
    Lab : Mitigate threats using Microsoft 365 Defender for Endpoint

 

  • Module 3: Mitigate threats using Azure Defender
    Plan for cloud workload protections using Azure Defender
    Explain cloud workload protections in Azure Defender
    Connect Azure assets to Azure Defender
    Connect non-Azure resources to Azure Defender
    Remediate security alerts using Azure Defender
    Lab : Mitigate threats using Azure Defender

 

  • Module 4: Create queries for Azure Sentinel using Kusto Query Language (KQL)
    Construct KQL statements for Azure Sentinel
    Analyze query results using KQL
    Build multi-table statements using KQL
    Work with data in Azure Sentinel using Kusto Query Language
    Lab : Create queries for Azure Sentinel using Kusto Query Language (KQL)

 

  • Module 5: Configure your Azure Sentinel environment
    Introduction to Azure Sentinel
    Create and manage Azure Sentinel workspaces
    Query logs in Azure Sentinel
    Use watchlists in Azure Sentinel
    Utilize threat intelligence in Azure Sentinel
    Lab : Configure your Azure Sentinel environment

 

  • Module 6: Connect logs to Azure Sentinel
    Connect data to Azure Sentinel using data connectors
    Connect Microsoft services to Azure Sentinel
    Connect Microsoft 365 Defender to Azure Sentinel
    Connect Windows hosts to Azure Sentinel
    Connect Common Event Format logs to Azure Sentinel
    Connect syslog data sources to Azure Sentinel
    Connect threat indicators to Azure Sentinel
    Lab : Connect logs to Azure Sentinel

 

  • Module 7: Create detections and perform investigations using Azure Sentinel
    Threat detection with Azure Sentinel analytics
    Threat response with Azure Sentinel playbooks
    Security incident management in Azure Sentinel
    Use entity behavior analytics in Azure Sentinel
    Query, visualize, and monitor data in Azure Sentinel
    Lab : Create detections and perform investigations using Azure Sentinel

 

  • Module 8: Perform threat hunting in Azure Sentinel
    Threat hunting with Azure Sentinel
    Hunt for threats using notebooks in Azure Sentinel
    Lab : Threat hunting in Azure Sentinel