
Course dates:

10.05.2021 - 13.05.2021
12.07.2021 - 15.07.2021


SC-200 Microsoft Security Operations Analyst

Course duration: 4 days
Price: 2899 zł net

PROFESSIONAL CERTIFICATIONS

Basic certification: FUNDAMENTALS
Specialist certification: ASSOCIATE
Expert certification: EXPERT

 


COURSE LEVEL

basic: 100
intermediate: 200
advanced: 300
expert: 400

 

COURSE TOPICS

  • Module 1: Mitigate threats using Microsoft Defender for Endpoint
    Protect against threats with Microsoft Defender for Endpoint
    Deploy the Microsoft Defender for Endpoint environment
    Implement Windows 10 security enhancements with Microsoft Defender for Endpoint
    Manage alerts and incidents in Microsoft Defender for Endpoint
    Perform device investigations in Microsoft Defender for Endpoint
    Perform actions on a device using Microsoft Defender for Endpoint
    Perform evidence and entities investigations using Microsoft Defender for Endpoint
    Configure and manage automation using Microsoft Defender for Endpoint
    Configure for alerts and detections in Microsoft Defender for Endpoint
    Utilize Threat and Vulnerability Management in Microsoft Defender for Endpoint
    Lab : Mitigate threats using Microsoft Defender for Endpoint

 

  • Module 2: Mitigate threats using Microsoft 365 Defender
    Introduction to threat protection with Microsoft 365
    Mitigate incidents using Microsoft 365 Defender
    Protect your identities with Azure AD Identity Protection
    Remediate risks with Microsoft Defender for Office 365
    Safeguard your environment with Microsoft Defender for Identity
    Secure your cloud apps and services with Microsoft Cloud App Security
    Respond to data loss prevention alerts using Microsoft 365
    Manage insider risk in Microsoft 365
    Lab : Mitigate threats using Microsoft 365 Defender

 

  • Module 3: Mitigate threats using Azure Defender
    Plan for cloud workload protections using Azure Defender
    Explain cloud workload protections in Azure Defender
    Connect Azure assets to Azure Defender
    Connect non-Azure resources to Azure Defender
    Remediate security alerts using Azure Defender
    Lab : Mitigate threats using Azure Defender

 

  • Module 4: Create queries for Azure Sentinel using Kusto Query Language (KQL)
    Construct KQL statements for Azure Sentinel
    Analyze query results using KQL
    Build multi-table statements using KQL
    Work with data in Azure Sentinel using Kusto Query Language
    Lab : Create queries for Azure Sentinel using Kusto Query Language (KQL)

 

  • Module 5: Configure your Azure Sentinel environment
    Introduction to Azure Sentinel
    Create and manage Azure Sentinel workspaces
    Query logs in Azure Sentinel
    Use watchlists in Azure Sentinel
    Utilize threat intelligence in Azure Sentinel
    Lab : Configure your Azure Sentinel environment

 

  • Module 6: Connect logs to Azure Sentinel
    Connect data to Azure Sentinel using data connectors
    Connect Microsoft services to Azure Sentinel
    Connect Microsoft 365 Defender to Azure Sentinel
    Connect Windows hosts to Azure Sentinel
    Connect Common Event Format logs to Azure Sentinel
    Connect syslog data sources to Azure Sentinel
    Connect threat indicators to Azure Sentinel
    Lab : Connect logs to Azure Sentinel

 

  • Module 7: Create detections and perform investigations using Azure Sentinel
    Threat detection with Azure Sentinel analytics
    Threat response with Azure Sentinel playbooks
    Security incident management in Azure Sentinel
    Use entity behavior analytics in Azure Sentinel
    Query, visualize, and monitor data in Azure Sentinel
    Lab : Create detections and perform investigations using Azure Sentinel

 

  • Module 8: Perform threat hunting in Azure Sentinel
    Threat hunting with Azure Sentinel
    Hunt for threats using notebooks in Azure Sentinel
    Lab : Threat hunting in Azure Sentinel