
SC-200 Microsoft Security Operations Analyst Course & SIMs

Course Outline

Get prepared for the SC-200 exam with instructor-led labs and hands-on simulations available 24/7


1. Introduction
  • 1. Welcome to the course!
  • 2. Understanding the Microsoft Environment
  • 3. Foundations of Active Directory Domains
  • 4. Foundations of RAS, DMZ, and Virtualization
  • 5. Foundations of the Microsoft Cloud Services
  • 6. DON'T SKIP The first thing to know about Microsoft cloud services
  • 7. DON'T SKIP Azure AD is now renamed to Entra ID
  • 8. Questions for John Christopher
  • 9. Order of concepts covered in the course

2. Performing hands-on activities
  • 1. DON'T SKIP Using Assignments in the course
  • 2. Creating a free Microsoft 365 Account
  • 3. Activating licenses for Defender for Endpoint and Vulnerabilities
  • 4. Getting your free Azure credit

3. Mitigate threats to the Microsoft 365 environment by using Microsoft 365 Defender
  • 1. Microsoft Defender and Microsoft Purview admin centers
  • 2.1 Microsoft 365 Defender.pdf
  • 2. Introduction to Microsoft 365 Defender
  • 3. Using policies to remediate threats with Email, Teams, SharePoint & OneDrive
  • 4. Investigate, respond, and remediate threats with Defender for Office 365
  • 5.1 Understanding DLP.pdf
  • 5. Understanding data loss prevention (DLP) in Microsoft 365 Defender
  • 6. Implement data loss prevention policies (DLP) to respond and alert
  • 7. Investigate & respond to alerts generated by data loss prevention (DLP) policies
  • 8.1 Insider Risk Management.pdf
  • 8. Understanding insider risk policies
  • 9. Generating an insider risk policy
  • 10. Investigate and respond to alerts generated by insider risk policies
  • 11.1 Defender for Cloud Apps.pdf
  • 11. Discover and manage apps by using Microsoft Defender for Cloud Apps
  • 12. Identify, investigate, & remediate security risks by using Defender for Cloud App
  • 13. SIMULATION Create a safe attachment policy for Sales with Dynamic Deliver.html
  • 14. SIMULATION Create a custom DLP policy that uses Payroll Keyword sensitivity.html

4. Mitigate endpoint threats by using Microsoft Defender for Endpoint
  • 1.1 Microsoft 365 Defender.pdf
  • 1. Concepts of management with Microsoft Defender for Endpoint
  • 2. Set up a Windows 11 virtual machine endpoint
  • 3. Enrolling to Intune for attack surface reduction (ASR) support
  • 4. Onboarding to manage devices using Defender for Endpoint
  • 5. A note about extra features in your Defender for Endpoint
  • 6. Incidents, alert notifications, and advanced feature for endpoints
  • 7. Review and respond to endpoint vulnerabilities
  • 8. Recommend attack surface reduction (ASR) for devices
  • 9. Configure and manage device groups
  • 10. Identify devices at risk using the Microsoft Defender Vulnerability Management
  • 11. Manage endpoint threat indicators
  • 12. Identify unmanaged devices by using device discovery
  • 13. SIMULATION Create an endpoint device group in Microsoft 365 Defender.html

5. Mitigate identity threats
  • 1. Mitigate security risks related to events for Microsoft Entra ID
  • 2.1 Entra Identity Protection.pdf
  • 2. Concepts of using Microsoft Entra Identity Protection
  • 3. Mitigate security risks related to Microsoft Entra Identity Protection events
  • 4. Mitigate risks related to MS Entra Identity Protection inside Microsoft Defender
  • 5.1 Microsoft Defender for Identity.pdf
  • 5. Understanding Microsoft Defender for Identity
  • 6. Mitigate security risks related to Active Directory (AD DS) using Microsoft DFI
  • 7. SIMULATION Use Entra ID protection to set User Risk to Medium & Above....html

6. Manage extended detection and response (XDR) in Microsoft 365 Defender
  • 1.1 extended detection and response (xdr).zip
  • 1. Concepts of the purpose of extended detection and response (XDR)
  • 2. Set up a simulation lab using Microsoft 365 Defender
  • 3. Run an attack against a device in the simulation lab
  • 4. Manage incidents & automated investigations in the Microsoft 365 Defender portal
  • 5. Run an attack simulation email campaign in Microsoft 365 Defender
  • 6. Manage actions and submissions in the Microsoft 365 Defender portal
  • 7. Identify threats by using Kusto Query Language (KQL)
  • 8. Identify and remediate security risks by using Microsoft Secure Score
  • 9. Analyze threat analytics in the Microsoft 365 Defender portal
  • 10. Configure and manage custom detections and alerts
  • 11. SIMULATION Create an alert policy, high severity, information governance....html

7. Investigate threats by using audit features in MS 365 Defender and MS Purview
  • 1. Understanding unified audit log licensing and requirements
  • 2. Setting unified audit permissions and enabling support
  • 3. Perform threat hunting by using unified audit log
  • 4. Perform threat hunting by using Content Search
  • 5. SIMULATION Perform an audit search in Purview for the first 5 listed Exchange...html

8. Implement and maintain cloud security posture management
  • 1. Overview of Microsoft Defender for Cloud
  • 2. Assign and manage regulatory compliance policies, including MCSB
  • 3. Improve the Microsoft Defender for Cloud secure score by applying remediations
  • 4. Configure plans and agents for Microsoft Defender for Servers
  • 5. Configure and manage Microsoft Defender for DevOps
  • 6. Configure & manage Microsoft Defender External Attack Surface Management (EASM)
  • 7. SIMULATION Turn on server support and API support for Microsoft Defender....html

9. Configure environment settings in Microsoft Defender for Cloud
  • 1. Plan and configure Microsoft Defender for Cloud settings
  • 2. Configure Microsoft Defender for Cloud roles
  • 3.1 assess and recommend cloud workload protection.zip
  • 3. Assess and recommend cloud workload protection and enable plans
  • 4. Configure automated onboarding of Azure resources
  • 5. Connect compute resources by using Azure Arc
  • 6. Connect multi-cloud resources by using Environment settings
  • 7. SIMULATION Turn on automatic onboarding of servers for Defender for Endpoint.html

10. Respond to alerts and incidents in Microsoft Defender for Cloud
  • 1. Set up email notifications
  • 2. Create and manage alert suppression rules
  • 3. Design and configure workflow automation in Microsoft Defender for Cloud
  • 4. Generate sample alerts and incidents in Microsoft Defender for Cloud
  • 5. Remediate alerts and incidents by using MS Defender for Cloud recommendations
  • 6. Manage security alerts and incidents
  • 7. Analyze Microsoft Defender for Cloud threat intelligence reports
  • 8. SIMULATION Set alert notifications to low & above....html

11. Design and configure a Microsoft Sentinel workspace
  • 1.1 Microsoft Sentinel.pdf
  • 1. Concepts of Microsoft Sentinel
  • 2. Plan a Microsoft Sentinel workspace
  • 3. Configure Microsoft Sentinel roles
  • 4. Design and configure Microsoft Sentinel data storage, log types and log retention
  • 5. SIMULATION Assign JC to the Microsoft Sentinel Contributor role.html

12. Plan and implement the use of data connectors for ingestion of data sources
  • 1.1 identify data sources to be ingested for microsoft sentinel.zip
  • 1. Identify data sources to be ingested for Microsoft Sentinel
  • 2. Configure and use MS Sentinel connectors, Azure Policy & diagnostic settings
  • 3. Configure Microsoft Sentinel connectors for MS 365 Defender & Defender for Cloud
  • 4. Design and configure Syslog and Common Event Format (CEF) event collections
  • 5. Design and configure Windows security event collections
  • 6. Configure threat intelligence connectors
  • 7.1 sample.zip
  • 7. Create custom log tables in the workspace to store ingested data
  • 8. SIMULATION Configure the Microsoft Entra ID data connector with Sign-In Log....html

13. Manage Microsoft Sentinel analytics rules
  • 1.1 Sentinel Analytics Rules.pdf
  • 1. Concepts of Microsoft Sentinel analytics rules
  • 2. Configure the Fusion rule
  • 3. Configure Microsoft security analytics rules
  • 4. Configure built-in scheduled query rules
  • 5.1 KQL custom scheduled query.txt
  • 5. Configure custom scheduled query rules
  • 6.1 KQL NRT rule.txt
  • 6. Configure near-real-time (NRT) analytics rules
  • 7. Manage analytics rules from Content hub
  • 8.1 watchlist-sample.csv
  • 8. Manage and use watchlists
  • 9. Manage and use threat indicators
  • 10. SIMULATION Create an incident creation rule for Defender for Identity....html

14. Perform data classification and normalization
  • 1. Classify and analyze data by using entities
  • 2.1 Advanced Security Information Model (ASIM).pdf
  • 2. Query Microsoft Sentinel data by using Advanced Security Information Model (ASIM)
  • 3.1 ASIM example.txt
  • 3. Develop and manage ASIM parsers

15. Configure security orchestration automated response (SOAR) in Microsoft Sentinel
  • 1. Create and configure automation rules
  • 2. Create and configure Microsoft Sentinel playbooks
  • 3. Configure analytic rules to trigger automation rules
  • 4. Trigger playbooks from alerts and incidents
  • 5. SIMULATION Create an automation incident rule that assigns JC as owner....html

16. Manage Microsoft Sentinel incidents
  • 1. Configure an incident generation
  • 2. Triage incidents in Microsoft Sentinel
  • 3. Investigate incidents in Microsoft Sentinel
  • 4. Respond to incidents in Microsoft Sentinel
  • 5. Investigate multi-workspace incidents
  • 6. SIMULATION Configure the Medium Malicious Inbox incident....html

17. Use Microsoft Sentinel workbooks to analyze and interpret data
  • 1. Activate and customize Microsoft Sentinel workbook templates
  • 2. Create custom workbooks
  • 3. Configure advanced visualizations

18. Hunt for threats by using Microsoft Sentinel
  • 1. Analyze attack vector coverage by using MITRE ATT&CK in Microsoft Sentinel
  • 2. Customize content gallery hunting queries
  • 3. Create custom hunting queries
  • 4. Use hunting bookmarks for data investigations
  • 5. Monitor hunting queries by using Livestream
  • 6. Retrieve and manage archived log data
  • 7. Create and manage search jobs
  • 8. SIMULATION Select the Malicious Keyword Query in Hunting....html

19. Manage threats by using User and Entity Behavior Analytics
  • 1. Configure User and Entity Behavior Analytics settings
  • 2. Investigate threats by using entity pages
  • 3.1 KQL Anomaly Rule.txt
  • 3. Configure anomaly detection analytics rules

20. Conclusion
  • 1. Cleaning up your lab environment
  • 2. Getting a Udemy certificate
  • 3. BONUS - Where do I go from here

139,000 Toman
Producer:
Instructor:
ID: 27761
Size: 7996 MB
Duration: 828 minutes
Publication date: 28 Azar 1402