Course dates:

02.01.2023 - 05.01.2023
06.02.2023 - 09.02.2023
27.02.2023 - 02.03.2023


SC-200 Microsoft Security Operations Analyst

Course duration: 4 days
Price: 2999 zł net

PROFESSIONAL CERTIFICATIONS

Basic certification: FUNDAMENTALS
Specialist certification: ASSOCIATE
Expert certification: EXPERT

 


COURSE LEVEL

basic: 100
intermediate: 200
advanced: 300
expert: 400

 

COURSE TOPICS

  • Module 1: Mitigate threats using Microsoft 365 Defender
    Introduction to threat protection with Microsoft 365
    Mitigate incidents using Microsoft 365 Defender
    Remediate risks with Microsoft Defender for Office 365
    Microsoft Defender for Identity
    Protect your identities with Azure AD Identity Protection
    Microsoft Defender for Cloud Apps
    Respond to data loss prevention alerts using Microsoft 365
    Manage insider risk in Microsoft 365
    Lab: Mitigate threats using Microsoft 365 Defender

 

  • Module 2: Mitigate threats using Microsoft Defender for Endpoint
    Protect against threats with Microsoft Defender for Endpoint
    Deploy the Microsoft Defender for Endpoint environment
    Implement Windows security enhancements
    Perform device investigations
    Perform actions on a device
    Perform evidence and entities investigations
    Configure and manage automation
    Configure for alerts and detections
    Utilize Threat and Vulnerability Management
    Lab: Mitigate threats using Microsoft 365 Defender for Endpoint

 

  • Module 3: Mitigate threats using Azure Defender for Cloud
    Plan for cloud workload protections using Microsoft Defender for Cloud
    Workload protections in Microsoft Defender for Cloud
    Connect Azure assets to Microsoft Defender for Cloud
    Connect non-Azure resources to Microsoft Defender for Cloud
    Remediate security alerts using Microsoft Defender for Cloud
    Lab: Mitigate threats using Microsoft Defender for Cloud

 

  • Module 4: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
    Construct KQL statements for Microsoft Sentinel
    Analyze query results using KQL
    Build multi-table statements using KQL
    Work with string data using KQL statements
    Lab: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

 

  • Module 5: Configure your Microsoft Sentinel environment
    Introduction to Microsoft Sentinel
    Create and manage Microsoft Sentinel workspaces
    Query logs in Microsoft Sentinel
    Use watchlists in Microsoft Sentinel
    Utilize threat intelligence in Microsoft Sentinel
    Lab: Configure your Microsoft Sentinel environment

 

  • Module 6: Connect logs to Microsoft Sentinel
    Connect data to Microsoft Sentinel using data connectors
    Connect Microsoft services to Microsoft Sentinel
    Connect Microsoft 365 Defender to Microsoft Sentinel
    Connect Windows hosts to Microsoft Sentinel
    Connect Common Event Format logs to Microsoft Sentinel
    Connect syslog data sources to Microsoft Sentinel
    Connect threat indicators to Microsoft Sentinel
    Lab: Connect logs to Microsoft Sentinel

 

  • Module 7: Create detections and perform investigations using Microsoft Sentinel
    Threat detection with Microsoft Sentinel analytics
    Security incident management in Microsoft Sentinel
    Threat response with Microsoft Sentinel playbooks
    User and entity behavior analytics in Microsoft Sentinel
    Query, visualize, and monitor data in Microsoft Sentinel
    Lab: Create detections and perform investigations using Microsoft Sentinel

 

  • Module 8: Perform threat hunting in Microsoft Sentinel
    Threat hunting concepts in Microsoft Sentinel
    Threat hunting with Microsoft Sentinel
    Hunt for threats using notebooks in Microsoft Sentinel
    Lab: Threat hunting in Microsoft Sentinel