Trending Courses

Vendors

Skip Navigation Links

Overview

Learn how to investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender. In this Certification & Training course you will learn how to mitigate cyber threats using these technologies. Specifically, you will configure and use Azure Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.
img-course-overview.jpg

What You'll Learn

  • Manage threat mitigation using Microsoft Defender XDR
  • Manage threat mitigation using Microsoft Purview
  • Manage threat mitigation using Microsoft Defender for Endpoint
  • Manage threat mitigation using Microsoft Defender for Cloud
  • Create KQL queries for Microsoft Sentinel
  • Configure your environment in Microsoft Sentinel
  • Manage log connection to Microsoft Sentinel
  • Detect and remediate threats using Microsoft Sentinel
  • Manage threat hunting in Microsoft Sentinel

Who Should Attend

The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
img-who-should-learn.png

Prerequisites

Please review the prerequisites listed for each module in the course content and click on the provided links for more information.

1. SC-200: Mitigate threats using Microsoft Defender XDR

Analyze threat data across domains and rapidly remediate threats with built-in orchestration and automation in Microsoft Defender XDR. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

2. SC-200: Mitigate threats using Microsoft Security Copilot

Get started with Microsoft Security Copilot. You're introduced to basic terminology, how Microsoft Security Copilot processes prompts, the elements of an effective prompt, and how to enable the solution. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

3. SC-200: Mitigate threats using Microsoft Purview

In this Learning Path we focus on Microsoft Purview's risk and compliance solutions that assist security operations analysts detect threats to organizations and identify, classify, and protect sensitive data, as well as monitor and report on compliance. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

4. SC-200: Mitigate threats using Microsoft Defender for Endpoint

Implement the Microsoft Defender for Endpoint platform to detect, investigate, and respond to advanced threats. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

5. SC-200: Mitigate threats using Microsoft Defender for Cloud

Use Microsoft Defender for Cloud, for Azure, hybrid cloud, and on-premises workload protection and security. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

6. SC-200: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

Write Kusto Query Language (KQL) statements to query log data to perform detections, analysis, and reporting in Microsoft Sentinel. This learning path will focus on the most used operators. The example KQL statements will showcase security related table queries.

7. SC-200: Configure your Microsoft Sentinel environment

Get started with Microsoft Sentinel by properly configuring the Microsoft Sentinel workspace. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

8. SC-200: Connect logs to Microsoft Sentinel

Connect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds to Microsoft Sentinel. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

9. SC-200: Create detections and perform investigations using Microsoft Sentinel

Detect previously uncovered threats and rapidly remediate threats with built-in orchestration and automation in Microsoft Sentinel. This learning path aligns with Exam SC-200: Security Operation Analyst.

10. SC-200: Perform threat hunting in Microsoft Sentinel

Proactively hunt for security threats using the Microsoft Sentinel powerful threat hunting tools. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.

Instructors

Scott Duffy

Bestselling Azure & TOGAF® Trainer, Microsoft Azure MVP

4.8 (4.1k)
|
10 Courses
profile-instructor-a.png
Scott Duffy

Bestselling Azure & TOGAF® Trainer, Microsoft Azure MVP

4.8 (4.1k)
|
10 Courses
profile-instructor-a.png

Skills measured

  • Mitigate threats by using Microsoft 365 Defender
  • Mitigate threats by using Defender for Cloud
  • Mitigate threats by using Microsoft Sentinel

Frequently Asked Questions (FAQs)

  • Why get Microsoft certified?

    Microsoft certifications validate your skills and expertise in Microsoft technologies and solutions, demonstrating your ability to design, implement, and manage cutting-edge technologies.

    These certifications are globally recognized and highly sought after by employers, as they signify your proficiency in using Microsoft products and services to drive innovation and solve business challenges.

    Microsoft-certified professionals are in high demand, opening doors to new career opportunities and higher earning potential.

  • What to expect for the examination?

    Microsoft certification exams are designed to assess your knowledge and skills in specific Microsoft technologies and solutions.

    Exams typically consist of multiple-choice, multiple-select, and case study questions, and some may include lab simulations to evaluate your practical skills.

    Note: Certification requirements and policies may be updated by Microsoft from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • How long is Microsoft certification valid for?

    Most Microsoft role-based and specialty certifications are valid for one year from the date of passing the exam.

    To maintain your certification, you will need to renew it annually by passing a free online assessment on Microsoft Learn.

    However, Microsoft Applied Skills credentials and Fundamentals certifications do not expire.

    Note: Certification requirements and policies may be updated by Microsoft from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • Why take this course with Trainocate?

    Here’s what sets us apart:

    - Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 24 countries (and counting!).

    - Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) are passionate to help you accelerate your digital transformation.

    - Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.

    - Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.

    - Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.

    - Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.

Keep Exploring

Course Curriculum

Course Curriculum

Training Schedule

Training Schedule

Exam & Certification

Exam & Certification

FAQs

Frequently Asked Questions

img-improve-career.jpg

Improve yourself and your career by taking this course.

More Courses By Microsoft

Browse All Courses
ms-900t01-microsoft-365-fundamentals-training
Modern Work

Introduction to Microsoft 365

Learn Microsoft 365 with Trainocate’s 1-day MS-900 training. Expert-led, it covers cloud services, productivity apps, and security, preparing you for Microsoft Certified: Fundamentals certification. E
ILT VILT
Course Duration 1 Day
mb-230t01-microsoft-dynamics-365-customer-service-training
Business Applications

Microsoft Dynamics 365 Customer Service

Learn how to use Microsoft Dynamics 365 to impact your customers.
ILT VILT
Course Duration 4 Days
az-120t00-planning-and-deploying-sap-on-azure-training
Azure Infrastructure

Planning and Deploying SAP on Azure

Learn concepts, scenarios, procedures, and hands-on labs how to best plan and implement migration and operation of an SAP solution on Azure.
ILT VILT
Course Duration 3 Days
img-get-info.jpg

Ready to Take Your Business from Great to Awesome?

Level-up by partnering with Trainocate. Get in touch today.

Name
Email
Phone
I'm inquiring for
Inquiry Details

By submitting this form, you consent to Trainocate processing your data to respond to your inquiry and provide you with relevant information about our training programs, including occasional emails with the latest news, exclusive events, and special offers.

You can unsubscribe from our marketing emails at any time. Our data handling practices are in accordance with our Privacy Policy.

Stay Connected. Be the first to Know.

Company

Vendors

Services

Customer Service

© Copyright Trainocate 2025. All rights reserved.