Microsoft Security Operations Analyst - Certification Fast Track

Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender XDR and Microsoft Defender for Cloud. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.

About our Certification Fast Track

With our Certification Fast Track Training, you participate in official Microsoft training - but instead of a full week from Monday to Friday, the training is split into two smaller sections.

The Instructor-led part of the training is focused on hands on and best practices. The theoretical part of the courseware will be studied self-paced, in order not to loose precious practice time during your instructor led training days. Exam preparation is an important part of this training delivery - hence we include a Practice Test which will ensure that you will start your exam well prepared. To complete the offer the Exam Voucher is already included as well.

As a participant, you can use the time in between the training days to deepen or repeat content. In addition, you have the advantage of not being absent from work for an entire week, so that day-to-day business is not neglected.

Process of Certification Fast Track Training

After your registration you will receive an introduction to the program. You will also receive reminder e-mails from us along the way.

Below are your 5 steps of your Certification Fast Track training:

1. Self study part of the theory and labs (max 18 hours, which can be spread out over several weeks)
2. Take your 2-day Instructor Led Training, hands on practice and theory (The first 2 days of the displayed dates in the schedule)
3. Continue to practice your labs, studying your theory and complete the provided Official Microsoft Practice Test. The practice test shows you which topics need more attention.
4. Take your 1-day Instructor Led Exam Preparation Training. The instructor will clear out any questions that you have left (The last day of the displayed dates in the schedule). 
5. Use your MCP exam voucher to complete your exam within two weeks after the Exam Prep Training.

Audience Profile

The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender XDR, Microsoft Defender for Cloud, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.

Course Syllabus

• Mitigate threats using Microsoft Defender XDR
• Mitigate threats using Microsoft Security Copilot
• Mitigate threats using Microsoft Purview
• Mitigate threats using Microsoft Defender for Endpoint
• Mitigate threats using Microsoft Defender for Cloud
• Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
• Configure your Microsoft Sentinel environment
• Connect logs to Microsoft Sentinel
• Create detections and perform investigations using Microsoft Sentinel
• Perform threat hunting in Microsoft Sentinel