وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

در حال حاضر محصولی در سبد خرید شما وجود ندارد.

رمز خود را فراموش کرده اید؟
وب سایت تخصصی شرکت فرین
خانه » فروشگاه » Microsoft Security Operations Analyst Associate (SC-200) Cert Prep by Microsoft Press

Microsoft Security Operations Analyst Associate (SC-200) Cert Prep by Microsoft Press

سرفصل های دوره

The Microsoft Security Operations Analyst Associate (SC-200) certification vets your understanding of the fundamental concepts of security and infrastructure management using Microsoft 365 Defender. Get ready to take your skills to the next level and tackle the official certification exam. Join Microsoft MVP and Microsoft Certified Trainer Charbel Nemnom as he provides a comprehensive overview of this popular certification, which targets IT professionals tasked with securing the digital assets and environment of a business, on-premises or in the cloud. Kickstart your exam prep and start building the foundation for your security journey as a certified professional. Explore the core concepts and technical skills required to pass the exam, including core Microsoft security solutions skills and how to use Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and other third-party security solutions. By the end of this course, you’ll be ready to tackle the Microsoft Security Operations Analyst Associate (SC-200) certification exam.


01 Introduction
  • 01 Exam SC-200

    • 02 Configure Settings in Microsoft Defender XDR
  • 02 Learning objectives
  • 03 Configure a connection from Defender XDR to a Sentinel workspace
  • 04 Configure alert and vulnerability notification rules
  • 05 Configure Microsoft Defender for Endpoint advanced features
  • 06 Configure endpoint rules settings, including indicators and web content filtering
  • 07 Manage automated investigation and response capabilities in Microsoft Defender XDR
  • 08 Configure automatic attack disruption in Microsoft Defender XDR

    • 03 Manage Assets and Environments
  • 09 Learning objectives
  • 10 Configure and manage device groups, permissions, and automation levels in Microsoft Defender for Endpoint
  • 11 Identify and remediate unmanaged devices in Microsoft Defender for Endpoint
  • 12 Manage resources using Azure Arc
  • 13 Connect environments to Microsoft Defender for Cloud using multi-cloud account management
  • 14 Discover and remediate unprotected resources using Defender for Cloud
  • 15 Identify and remediate devices at risk using Microsoft Defender Vulnerability Management

    • 04 Design and Configure a Microsoft Sentinel Workspace
  • 16 Learning objectives
  • 17 Plan a Microsoft Sentinel workspace
  • 18 Configure Microsoft Sentinel roles
  • 19 Specify Azure RBAC roles for Microsoft Sentinel configuration
  • 20 Design and configure Microsoft Sentinel data storage, including log types and log retention
  • 21 Manage multiple workspaces using Workspace Manager and Azure Lighthouse

    • 05 Ingest Data Sources in Microsoft Sentinel
  • 22 Learning objectives
  • 23 Identify data sources to be ingested for Microsoft Sentinel and implement content hub solutions
  • 25 Configure bidirectional synchronization between Microsoft Sentinel and Microsoft Defender XDR
  • 26 Configure bidirectional synchronization between Microsoft Sentinel and Microsoft Defender for Cloud
  • 27 Plan and configure Syslog and Common Event Format (CEF) event collections
  • 29 Configure threat intelligence connectors, including platform, TAXII, upload indicators API, and MISP
  • 30 Create custom log tables in the workspace to store ingested data

    • 06 Configure Protections in Microsoft Defender Security Technologies
  • 31 Learning objectives
  • 32 Configure policies for Microsoft Defender for Cloud apps
  • 33 Configure policies for Microsoft Defender for Office
  • 35 Configure cloud workload protections in Microsoft Defender for Cloud

    • 07 Configure Detection in Microsoft Defender XDR
  • 36 Learning objectives
  • 37 Configure and manage custom detections
  • 38 Configure alert tuning
  • 39 Configure deception rules in Microsoft Defender XDR

    • 08 Configure Detections in Microsoft Sentinel
  • 40 Learning objectives
  • 41 Classify and analyze data using entities
  • 42 Configure scheduled query rules, including KQL
  • 43 Configure near-real-time (NRT) query rules, including KQL
  • 44 Manage analytics rules from content hub
  • 45 Configure anomaly detection analytics rules
  • 46 Configure the fusion rule
  • 47 Query Microsoft Sentinel data using ASIM parsers
  • 48 Manage and use threat indicators

    • 09 Respond to Alerts and Incidents in Microsoft Defender XDR
  • 49 Learning objectives
  • 50 Investigate and remediate threats to Microsoft Teams, SharePoint Online, and OneDrive
  • 51 Investigate and remediate threats in email using Microsoft Defender for Office
  • 54 Investigate and remediate threats identified by Microsoft Purview insider risk policies
  • 56 Investigate and remediate security risks identified by Microsoft Defender for Cloud apps
  • 57 Investigate and remediate compromised identities in Microsoft Entra ID
  • 58 Investigate and remediate security alerts from Microsoft Defender for Identity
  • 59 Manage actions and submissions in the Microsoft Defender portal

    • 10 Respond to Alerts and Incidents Identified by Microsoft Defender for Endpoint
  • 60 Learning objectives
  • 61 Investigate timeline of compromised devices
  • 63 Perform evidence and entity investigation

    • 11 Enrich Investigations Using Other Microsoft Tools
  • 64 Learning objectives
  • 65 Investigate threats using a unified audit log
  • 66 Investigate threats using content search
  • 67 Perform threat hunting using Microsoft Graph activity logs

    • 12 Manage Incidents in Microsoft Sentinel
  • 68 Learning objectives
  • 69 Triage incidents in Microsoft Sentinel
  • 70 Investigate incidents in Microsoft Sentinel
  • 71 Respond to incidents in Microsoft Sentinel

    • 13 Configure Security Orchestration, Automation, and Response (SOAR) in Microsoft Sentinel
  • 72 Learning objectives
  • 73 Create and configure automation rules
  • 74 Create and configure Microsoft Sentinel playbooks
  • 75 Configure analytic rules to trigger automation
  • 76 Trigger playbooks manually from alerts and incidents
  • 77 Run playbooks on on-premises resources

    • 14 Hunt for Threats Using KQL
  • 78 Learning objectives
  • 79 Identify threats using Kusto Query Language (KQL)
  • 80 Interpret threat analytics in the Microsoft Defender portal
  • 81 Create custom hunting queries using KQL

    • 15 Hunt for Threats Using Microsoft Sentinel
  • 82 Learning objectives
  • 83 Analyze attack vector coverage using the MITRE ATT&CK in Microsoft Sentinel
  • 84 Customize content gallery hunting queries
  • 85 Use hunting bookmarks for data investigations
  • 86 Monitor hunting queries using Livestream
  • 87 Retrieve and manage archived log data
  • 88 Create and manage search jobs

    • 16 Analyze and Interpret Data Using Workbooks
  • 89 Learning objectives
  • 90 Activate and customize Microsoft Sentinel workbook templates
  • 91 Create custom workbooks that include KQL
  • 92 Configure visualizations

    • 17 Conclusion
  • 93 Exam SC-200 M
    • 139,000 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    خرید اشتراک افزودن به سبد خرید
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    مدرس:
    شناسه: 42144
    حجم: 1019 مگابایت
    مدت زمان: 502 دقیقه
    تاریخ انتشار: ۷ دی ۱۴۰۳
    دسته بندی محصول
    LinkedIn Learning (Lynda)
    LinkedIn Learning (Lynda)
    مشاهده دوره های LinkedIn Learning (Lynda)
    دیگر آموزش های این مدرس
    طراحی سایت و خدمات سئو

    139,000 تومان
    افزودن به سبد خرید