course overview
download outline
Overview
Learn how to investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Azure Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.
The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
To access your Official Curriculum (MOC) course materials you will need a Microsoft.com/Learn account. In Learn you will also be able to register your completion of the event and receive your achievement badge. You will be issued with a unique code during your event.
Audience
Skills Gained
Prerequisites
Important:
Multi-factor authentication (MFA) requirements: For security purposes Microsoft require MFA for access to the Microsoft 365/Dynamics 365 tenants used for this course. As such, you will be need to have a mobile device available upon which you will set up the free of charge Microsoft Mobile phone authenticator App which can be downloaded here with details on how to sign in here
Outline
Introduction to Microsoft 365 threat protection
In this module, you'll learn how to use the Microsoft 365 Defender integrated threat protection suite.
Learning objectives
In this module, you learned the role that Microsoft 365 Defender plays in a modern SOC. You should now be able to:
Mitigate incidents using Microsoft 365 Defender
Learn how the Microsoft 365 Defender portal provides a unified view of incidents from the Microsoft 365 Defender family of products.
Learning objectives
Upon completion of this module, the learner will be able to:
Protect your identities with Azure AD Identity Protection
Use the advanced detection and remediation of identity-based threats to protect your Azure Active Directory identities and applications from compromise.
Learning objectives
In this module, you will:
Remediate risks with Microsoft Defender for Office 365
Learn about the Microsoft Defender for Office 365 component of Microsoft 365 Defender.
Learning objectives
In this module, you will learn how to:
Safeguard your environment with Microsoft Defender for Identity
Learn about the Microsoft Defender for Identity component of Microsoft 365 Defender.
Learning objectives
Upon completion of this module, you should be able to:
Certification
Important:
Multi-factor authentication (MFA) requirements: For security purposes Microsoft require MFA for access to the Microsoft 365/Dynamics 365 tenants used for this course. As such, you will be need to have a mobile device available upon which you will set up the free of charge Microsoft Mobile phone authenticator App which can be downloaded here with details on how to sign in here
Please note: Due to the dynamic nature of updates to Microsoft 365 functionality, elements of the syllabus of this course can be subject to change without notice.
Microsoft Official Courses offer fast paced, higher level overviews of features with hands-on labs that may be completed during and post course. Note – there may not be time to complete labs during the course due to the delays in some Microsoft 365 services and the breadth of material to cover.
Microsoft Official M365 Courses are appropriate for delegates primarily interested in certification.
If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.
Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.
All $ prices are in USD unless it’s a NZ or AU date
SPVC = Self Paced Virtual Class
LVC = Live Virtual Class
Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.