SC-200: Microsoft Security Operations Analyst

سرفصل های دوره

Become a Microsoft SOC engineer Today!! Learn through lab excercises and practical demonstrations

1 - Introduction

1 - Mandiant-Forecast-Report-2023.pdf

1 - SC-200-Learning-Resources.pdf

1 - SKILLS-GAINED-SC-200.pdf

1 - The Need for SOC Team

2 - SC200 Microsoft Security Operations Analyst Course Introduction

2 - SC-200-Reviews.pdf

3 - Microsoft-Digital-Defense-Report-2022.pdf

3 - SC 200 May 2022 Update

3 - sc 200 course details from ms and other references.zip

4 - Reviews Thank You

2 - Module 1 Mitigate threats using Microsoft 365 Defender

5 - Module 1 Learning Objectives

6 - Introduction to Threat Protection

7 - Microsoft 365 Defender Suite

8 - Typical Timeline of An Attack

9 - Microsoft 365 Defender Interactive Demonstration

10 - Mitigate incidents using Microsoft 365 Defender Chapter Introduction

11 - How to Create your Playground Lab Environment

11 - set up your microsoft 365 defender trial in a lab environment.zip

12 - Microsoft 365 Defender portal Introduction

13 - Managing Incidents

14 - More about incidents

15 - Simulate Incidents Tor Browser

16 - Managing Incidents

17 - Managing Alerts

18 - Investigating Incidents MITRE ATTACK

19 - Advance Hunting

20 - Advance Hunting Schema

21 - Exploring the Kusto Queries

22 - Microsoft Threat Experts

23 - Microsoft Defender for Office 365 Chapter Introduction

24 - MIcrosoft Defender for Office 365 Key Capabilities

25 - Microsoft Defender for Office 365 Key Capabilities II

26 - Safeguard Your Organization M365 Defender for O365 Lab I

27 - Safeguard Your Organization M365 Defender for O365 Lab II

28 - Attack Simulation Lab Activity

29 - Microsoft Defender for Identity Introduction

30 - What is Microsoft Defender for Identity

31 - Microsoft Defender for Identity Key Capabilities

32 - Installing Sensors on Domain Controller 1

33 - Installing Sensors on Domain Controller 2

34 - Capturing Lateral Movements

35 - Threat Hunting Lab

36 - Microsoft Defender for Identity Sensors Architecture

37 - Protect Your Identities with Azure AD Identity Protection Introduction

38 - User Risks SignIn Risks

39 - User risk policy Sign in risk policy Lab Activity

40 - Cloud App Security Introduction

41 - The Cloud App Security Framework

42 - Conditional Access App Controls

43 - What is Information Protection

44 - Insider Risk Management Enable Auditing

45 - Phases of Cloud App security

46 - Cloud App security Phases Lab Activity

47 - Data Loss Prevention Chapter Intro

48 - DLP Alerts

49 - Create Policies for DLP in Compliance Portal

50 - Insider Risk Management

51 - What is Insider Risk

52 - Pain points of a Modern Workplace

53 - Insider Risk management with M365 Defender

54 - Insider Risk Management Permissions

55 - Module 1 Summary

3 - Module 2 Mitigate threats using Microsoft Defender for Endpoint

56 - Module 2 Introduction

56 - microsoft defender experts for hunting.zip

56 - microsoft defender experts for hunting proactively hunts threats.zip

57 - Defender for Endpoint Features

58 - Defender for Endpoint Terminology

59 - Onboarding devices to Defender

59 - onboarding devices using gpo refernce.zip

60 - Windows 10 Security Enhancements Chapter Introduction

61 - Attack Surface Reduction Rules

62 - Attack Surface Rules

63 - Device Inventory

64 - Device Investigation Alerts

65 - Behavioral Blocking

66 - Client Behavioral Blocking

67 - EDR Block Mode

68 - EDR Block Mode Lab Activity

69 - Performing Actions on the device

70 - Live Response

71 - Perform Evidence and Entities Investigations

72 - User Investigations

73 - Advance Automated Remediation Features Endpoint

74 - Managing File Uploads

75 - Automation folder exclusion

76 - File Level Investigation

77 - Automating Device group remediation

78 - Blocking Risky Devices using Intune Defender and Azure AD

79 - Configure Alerts and Detections Chapter Introduction

80 - Configuring Advance Features

81 - Configuring Email Notifications

82 - Indicators of Compromise

83 - 28 Threat and Vulnerability Management Chapter Introduction

84 - 29 Threat and Vulnerability Management Explanation

85 - Module 2 Summary

4 - Module 3 Mitigate threats using Microsoft Defender for Cloud

86 - Module 3 Introduction

87 - What is Azure Security Center

88 - Microsoft Defender for cloud Features

89 - Azure Defender for Cloud Lab Activity

90 - CSPM and CWP

91 - What resources are protected using Microsoft Defender

92 - Benefits of Azure Defender for servers

93 - Defender for App services

94 - Defender for App services Lab

95 - Defender for Storage Lab

96 - Defender for SQL LAB

97 - Defender for Keyvault

98 - Defender for DNS

99 - Defender for Kubernetes

100 - Defender for Container Registry

101 - Connect Azure assets to Azure Defender Chapter introduction

102 - Asset Inventory LAB

103 - Auto provisioning

104 - Stored Event types

105 - Manual Provisioning

106 - Connect nonAzure reosurces to Defender

107 - Onboarding Methods

108 - Onboard GCP instance to Azure ARC

109 - Onboarding AWS Services to Defender for cloud

110 - Remediating Security Alerts Chapter Intro

111 - Changing World and Attackers

112 - What are Security alerts and notifications

113 - How does defender work

114 - Alert Severity Level

115 - Continuous Monitoring and assesments

116 - Mitre Attack tactics and alert types

117 - Remediating Alerts

118 - Automated Responses

119 - Alert Supression

120 - Module 3 Summary

5 - Module 4 Create Queries for Microsoft Sentinel using Kusto Query Language

121 - Module 4 Introduction

122 - The Construct of KQL Language

123 - The Lab Environment

124 - Declaring Variables with Let

125 - Search and Where Operator

126 - Extend Operator

127 - Order By Usage

128 - Project Operator

129 - Summarize Count and DCount Functions

130 - ArgMax and ArgMin Functions

131 - MakeList and MakeSet Functions

132 - Render Operator

133 - Bin Function

134 - Union Operator

135 - Module 4 Summary

6 - Module 5 Microsoft Sentinel Environment Configuration

136 - What is a SIEM Solution

136 - microsoft defender experts for xdr.zip

137 - Azure-Sentinel-Use-Cases-for-ATT-CK-based-Detection-Mitig.pdf

137 - Microsoft-Sentinel-Deployment-Best-Practices-Guide.pdf

137 - What is Microsoft Sentinel

138 - Microsoft Sentinel Components

139 - Data Connectors

140 - Log Retention

141 - Workbooks

142 - Analytics Alerts

143 - Threat Hunting

144 - Incidents Investigations

145 - Automation Playbooks

146 - Creating Azure Sentinel Workspace

147 - Azure Sentinel RBAC

148 - Data Connectors

149 - OnBoarding Windows host to Sentinel

150 - Ingesting Events to Sentinel

151 - Sentinel Watchlist

152 - Sentinel Creating a watchlist for Tor Nodesedited

153 - Sentinel Create Hunting Query

154 - Sentinel Live Stream

155 - Sentinel Capturing traffic from TOR Exit Nodes

156 - Sentinel Create Analytical Rules

157 - Analytical Rule Type Fusion

158 - Analytical Rule Types Security Types

159 - Analytical Rule Types ML based Behavioral Analytics

160 - Analytical Rule Types Anomaly Scheduled Alerts and NRT

161 - Creating Anayltics Rules based on Template

162 - Creating Analytic Rules based on Wizard

163 - Managing the Rules

164 - Define Threat Intelligence CTI

165 - Create TI Lab Activity

7 - Module 6 Microsoft Sentinel Environment Connecting Logs

166 - Module 6 Introduction

167 - Connect M365 Defender to Sentinel

168 - Office 365 Log Connector

169 - Azure Activity Log Connector

170 - Azure Active Directory Identity Protection Connector

171 - Defender for Office 365 Connector

172 - Defender for Endpoint Connector

173 - Connect Threat Indicators to Microsoft Sentinel

8 - Microsoft Sentinel Environment IncidentsThreat Response UEBA and Monitoring

174 - Module 7 Introduction

175 - Key Concepts of Incident Management

176 - Investigations in Azure Sentinel

177 - Key Concepts of Incident Management II

178 - Incident Management in Microsoft Sentinel I

179 - Incident Management in Microsoft Sentinel II

180 - Brute Force attack against Azure Portal Simulation

181 - Threat Response with Microsoft Sentinel Playbooks Introduction Use Case

182 - Step 1 Creating Analytical Rule to look for Role membership changes

183 - Step 2 Integrate Log Analytics with Azure AD Audit Logs

184 - Step 3 Verify Log Analytics

185 - Step 4 Incident Creation in Sentinel

186 - Step 5 Create Logic App to Integrate with Microsoft Teams

187 - Step 6 Edit Analytical Rule to add Logic App Playbooks

188 - Finally Testing the Integration

189 - UEBA User Entity Behavior Analytics Introduction

190 - Entity Behaviour Lab I

191 - Entity Behaviour Lab II

192 - Workbooks Introduction

193 - Create Workbooks Using Template

194 - Create Workbook from scratch

194 - Microsoft-Sentinel-Technical-Playbook-for-MSSPs.pdf

9 - Module 8 Perform Threat Hunting with Microsoft Sentinel

195 - Module 8 Introduction

196 - Cyber Security Threat Hunting

197 - The Need for Proactive Hunting

198 - Develop a Threat Hunting Hypothesis

199 - Threat Hunting Recap

200 - Notebooks Introduction

201 - Sentinel Notebooks Lab Activity

10 - SC 200 Microsoft Security Operations Analyst Course Summary

202 - SC 200 Microsoft Security Operations Analyst Course Summary

202 - additional basic and advance training links from ms.zip

202 - additional microsoft resources and refernce.zip

202 - defender for cloud training links from ms.zip

202 - defender for endpoint training link and references from ms.zip

202 - defender for identity training and reference links from ms.zip

202 - defender for office 365 training from ms.zip

202 - microsoft defender for iot training from ms.zip

202 - microsoft identity training links from ms.zip

53,700 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy-Training