Master SC-200: Microsoft Security Operations Analyst Pro 2024
6:03:10
01 Exam SC-200.mp4
09:22
02 Learning objectives.mp4
01:02
03 Configure a connection from Defender XDR to a Sentinel workspace.mp4
05:11
04 Configure alert and vulnerability notification rules.mp4
04:32
05 Configure Microsoft Defender for Endpoint advanced features.mp4
07:14
06 Configure endpoint rules settings, including indicators and web content filtering.mp4
08:56
07 Manage automated investigation and response capabilities in Microsoft Defender XDR.mp4
06:05
08 Configure automatic attack disruption in Microsoft Defender XDR.mp4
06:25
09 Learning objectives.mp4
01:01
10 Configure and manage device groups, permissions, and automation levels in Microsoft Defender for Endpoint.mp4
07:07
11 Identify and remediate unmanaged devices in Microsoft Defender for Endpoint.mp4
04:22
12 Manage resources using Azure Arc.mp4
07:16
13 Connect environments to Microsoft Defender for Cloud using multi-cloud account management.mp4
06:53
14 Discover and remediate unprotected resources using Defender for Cloud.mp4
06:16
15 Identify and remediate devices at risk using Microsoft Defender Vulnerability Management.mp4
07:00
16 Learning objectives.mp4
00:53
17 Plan a Microsoft Sentinel workspace.mp4
03:55
18 Configure Microsoft Sentinel roles.mp4
03:09
19 Specify Azure RBAC roles for Microsoft Sentinel configuration.mp4
03:39
20 Design and configure Microsoft Sentinel data storage, including log types and log retention.mp4
07:49
21 Manage multiple workspaces using Workspace Manager and Azure Lighthouse.mp4
04:17
22 Learning objectives.mp4
01:30
23 Identify data sources to be ingested for Microsoft Sentinel and implement content hub solutions.mp4
05:16
24 Configure and use Microsoft connectors for Azure resources, including Azure Policy and diagnostic settings.mp4
03:34
25 Configure bidirectional synchronization between Microsoft Sentinel and Microsoft Defender XDR.mp4
04:51
26 Configure bidirectional synchronization between Microsoft Sentinel and Microsoft Defender for Cloud.mp4
02:54
27 Plan and configure Syslog and Common Event Format (CEF) event collections.mp4
06:29
28 Plan and configure collection of Windows Security events using data collection rules, including Windows Event Forwarding (WEF).mp4
04:33
29 Configure threat intelligence connectors, including platform, TAXII, upload indicators API, and MISP.mp4
06:45
30 Create custom log tables in the workspace to store ingested data.mp4
05:52
31 Learning objectives.mp4
00:47
32 Configure policies for Microsoft Defender for Cloud apps.mp4
08:30
33 Configure policies for Microsoft Defender for Office.mp4
06:30
34 Configure security policies for Microsoft Defender for Endpoints, including attack surface reduction (ASR) rules.mp4
06:40
35 Configure cloud workload protections in Microsoft Defender for Cloud.mp4
08:25
36 Learning objectives.mp4
00:34
37 Configure and manage custom detections.mp4
08:52
38 Configure alert tuning.mp4
06:14
39 Configure deception rules in Microsoft Defender XDR.mp4
10:04
40 Learning objectives.mp4
01:00
41 Classify and analyze data using entities.mp4
08:30
42 Configure scheduled query rules, including KQL.mp4
14:43
43 Configure near-real-time (NRT) query rules, including KQL.mp4
03:59
44 Manage analytics rules from content hub.mp4
04:05
45 Configure anomaly detection analytics rules.mp4
07:12
46 Configure the fusion rule.mp4
06:48
47 Query Microsoft Sentinel data using ASIM parsers.mp4
08:47
48 Manage and use threat indicators.mp4
08:02
49 Learning objectives.mp4
01:46
50 Investigate and remediate threats to Microsoft Teams, SharePoint Online, and OneDrive.mp4
05:34
51 Investigate and remediate threats in email using Microsoft Defender for Office.mp4
06:09
52 Investigate and remediate ransomware and business email compromise incidents identified by automatic attack disruption.mp4
04:39
53 Investigate and remediate compromised entities identified by Microsoft Purview data loss prevention (DLP) policies.mp4
05:01
54 Investigate and remediate threats identified by Microsoft Purview insider risk policies.mp4
10:01
55 Investigate and remediate alerts and incidents identified by Microsoft Defender for Cloud.mp4
07:59
56 Investigate and remediate security risks identified by Microsoft Defender for Cloud apps.mp4
05:03
57 Investigate and remediate compromised identities in Microsoft Entra ID.mp4
03:48
58 Investigate and remediate security alerts from Microsoft Defender for Identity.mp4
05:04
59 Manage actions and submissions in the Microsoft Defender portal.mp4
08:34
60 Learning objectives.mp4
00:45
61 Investigate timeline of compromised devices.mp4
06:43
62 Perform actions on the device, including live response and collecting investigation packages.mp4
10:33
63 Perform evidence and entity investigation.mp4
07:41
Course Overview
This comprehensive course prepares you for the SC-200 certification, equipping you with essential skills to secure digital assets using Microsoft 365 Defender, Sentinel, and Defender for Cloud. Led by a Microsoft MVP, it covers security operations, threat detection, and incident response in hybrid environments.
What You'll Learn
- Configure and manage Microsoft Defender XDR and Sentinel workspaces
- Implement threat detection and automated response solutions
- Investigate and remediate security incidents across Microsoft 365
Who This Is For
- IT professionals securing cloud/hybrid environments
- Aspiring Microsoft Security Operations Analysts
- Security administrators managing Defender solutions
Key Benefits
- Hands-on preparation for SC-200 certification exam
- Master Microsoft's enterprise security toolset
- Learn from a Microsoft Certified Trainer's expertise
Curriculum Highlights
- Microsoft Defender XDR configuration
- Sentinel workspace design & data ingestion
- Advanced threat investigation techniques
Category
- Language: English
- Training sessions: 63
- Duration: 6:03:10
- English subtitles: yes
- Release date: 2025/06/02