Microsoft - Certified: Security Operations Analyst Associate

Duration: Only 3 days

Method: Classroom / Online / Hybrid

Next date: 28/6/2021 (Monday)

Overview

Use your Microsoft Vouchers

Your course can be much cheaper if your organisation has SA Vouchers. Vouchers can be used for a wide range of official Microsoft courses at Firebrand. Talk to a Firebrand advisor if you would like to know more: Contact us.

Check out our Microsoft New Security Certifications blog for more information on Microsoft's new Security Career Pathway. 

On this accelerated Microsoft Certified: Security Operations Analyst Associate course, you’ll learn to investigate and respond to threats to your business using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products.

In just 3 days, you’ll build knowledge on collaborating with stakeholders to secure information technology systems for your organisation. You’ll also learn how to:

  • Reduce business risk by rapidly remediating active attacks in the environment
  • Advise on improvements to threat protection practices
  • Refer violations of business policies to appropriate stakeholders

At the end of this course, you’ll sit Exam SC-200: Microsoft Security Operations Analyst (currently beta) and achieve your certification. As Firebrand are a Microsoft Gold Partner for Learning, you’ll get access to the official exam, Microsoft Official Curriculum (MOCs) and learn from Microsoft Certified Trainers (MCTs).

Through Firebrand’s Lecture | Lab | Review methodology, you’ll achieve your certification twice as fast as traditional training.

Here are 8 reasons why you should take your course at Firebrand Training:

  1. You are trained and certified in just 3 days. With us you get your training and certification in record time, a certification you also complete on the spot as an integrated part of the intensive, accelerated training.
  2. Everything is included. A one-off fee covers all course materials, exams, board and lodging, and offers the most cost-effective way to complete your course and certification. And this without any unannounced additional costs.
  3. You pass the certification the first time or can retake the course free of charge. That is our guarantee. We are confident that you will pass your certification the first time. But should you, against expectation, not do so, you can come back within a year and pay only for any accommodation and your exam. Everything else is free.
  4. You learn more. Traditional training days run from 09:00 to 16:00 with long lunch and coffee breaks. At Firebrand Training you get at least 12 hours of effective and focused quality training every day with your instructor, without private or work-related distractions.
  5. You learn faster. We combine the three learning methods (Presentation | Practice | Discussion) so that we deliver the course in a way that ensures you learn faster and more easily.
  6. You are in safe hands. We have trained and certified 103,216 people, we are partners with all the big names in the industry, and we have won numerous awards, including "Learning Partner of the Year 2010, 2011, 2012, 2013 and 2015" from Microsoft Denmark, and with growth of 1430% since 2009 we are this year's Gazelle award winner on Zealand, Denmark.
  7. You do not just learn the theory. We have further developed the course and offer more practical exercises, ensuring that you can use your skills to solve everyday practical problems.
  8. You learn from the best. Our instructors are the best in the industry and offer a truly unique blend of knowledge, practical experience and passion for teaching.

Curriculum

Course SC-200T00-A: Microsoft Security Operations Analyst

Module 1: Mitigate threats using Microsoft Defender for Endpoint

  • Protect against threats with Microsoft Defender for Endpoint
  • Deploy the Microsoft Defender for Endpoint environment
  • Implement Windows 10 security enhancements with Microsoft Defender for Endpoint
  • Manage alerts and incidents in Microsoft Defender for Endpoint
  • Perform device investigations in Microsoft Defender for Endpoint
  • Perform actions on a device using Microsoft Defender for Endpoint
  • Perform evidence and entities investigations using Microsoft Defender for Endpoint
  • Configure and manage automation using Microsoft Defender for Endpoint
  • Configure for alerts and detections in Microsoft Defender for Endpoint
  • Utilise Threat and Vulnerability Management in Microsoft Defender for Endpoint

Module 2: Mitigate threats using Microsoft 365 Defender

  • Introduction to threat protection with Microsoft 365
  • Mitigate incidents using Microsoft 365 Defender
  • Protect your identities with Azure AD Identity Protection
  • Remediate risks with Microsoft Defender for Office 365
  • Safeguard your environment with Microsoft Defender for Identity
  • Secure your cloud apps and services with Microsoft Cloud App Security
  • Respond to data loss prevention alerts using Microsoft 365
  • Manage insider risk in Microsoft 365

Module 3: Mitigate threats using Azure Defender

  • Plan for cloud workload protections using Azure Defender
  • Explain cloud workload protections in Azure Defender
  • Connect Azure assets to Azure Defender
  • Connect non-Azure resources to Azure Defender
  • Remediate security alerts using Azure Defender

Module 4: Create queries for Azure Sentinel using Kusto Query Language (KQL)

  • Construct KQL statements for Azure Sentinel
  • Analyse query results using KQL
  • Build multi-table statements using KQL
  • Work with data in Azure Sentinel using Kusto Query Language

Module 5: Configure your Azure Sentinel environment

  • Introduction to Azure Sentinel
  • Create and manage Azure Sentinel workspaces
  • Query logs in Azure Sentinel
  • Use watchlists in Azure Sentinel
  • Utilise threat intelligence in Azure Sentinel

Module 6: Connect logs to Azure Sentinel

  • Connect data to Azure Sentinel using data connectors
  • Connect Microsoft services to Azure Sentinel
  • Connect Microsoft 365 Defender to Azure Sentinel
  • Connect Windows hosts to Azure Sentinel
  • Connect Common Event Format logs to Azure Sentinel
  • Connect syslog data sources to Azure Sentinel
  • Connect threat indicators to Azure Sentinel

Module 7: Create detections and perform investigations using Azure Sentinel

  • Threat detection with Azure Sentinel analytics
  • Threat response with Azure Sentinel playbooks
  • Security incident management in Azure Sentinel
  • Use entity behaviour analytics in Azure Sentinel
  • Query, visualise, and monitor data in Azure Sentinel

Module 8: Perform threat hunting in Azure Sentinel

  • Threat hunting with Azure Sentinel
  • Hunt for threats using notebooks in Azure Sentinel

Exam Track

As part of your accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered by your Certification Guarantee:

Exam SC-200: Microsoft Security Operations Analyst - currently beta

  • Exam code: SC-200
  • Language: English
  • Domains:
    • Mitigate threats using Microsoft 365 Defender (25-30%)
    • Mitigate threats using Azure Defender (25-30%)
    • Mitigate threats using Azure Sentinel (40-45%)

Prerequisites

Before taking this accelerated course, you should have a basic understanding of the following topics:

  • Microsoft 365
  • Microsoft security, compliance, and identity products
  • Azure services, specifically Azure SQL Database and Azure Storage
  • Azure virtual machines and virtual networking
  • Scripting concepts

And an intermediate understanding of the following:

  • Windows 10

Reviews

We have trained 103,216 people over 12 years. We asked them to review our accelerated training. Right now, 96.67% have stated that Firebrand exceeded their expectations:

"A new course from Microsoft that was delivered by an experienced trainer who really knew the topic in-depth."
Paul Wilson. (3/5/2021 (Monday) to 5/5/2021 (Wednesday))

"Thank you for the course, I appreciate I was part of the 1st group of users to ever for this new SC-300 course. All materials were new, labs etc newly set up and I understand there was either limited details or unclear information, however the trainer leading the course was entirely honest and provided a lot more information, demo and experience to the course. Highly recommend attending course led by trainer as not only reading text book paragraphs and slides to understand the concepts, instructor led will provide live demos and own experience in live environments."
W.C.. (3/5/2021 (Monday) to 5/5/2021 (Wednesday))

"Training was very interactive and easily followed, happy to answer any questions"
Alan Kulczynski, IBM. (28/4/2021 (Wednesday) to 30/4/2021 (Friday))

"Intense course with details that will be real life benefits to developers and stakeholders."
M.A.. (26/4/2021 (Monday) to 29/4/2021 (Thursday))

"Intense but rewarding."
K.C.. (29/3/2021 (Monday) to 3/4/2021 (Saturday))

Course dates

Start | End | Capacity | Location
22/2/2021 (Monday) | 24/2/2021 (Wednesday) | Finished - Give feedback | -
28/6/2021 (Monday) | 30/6/2021 (Wednesday) | Waiting list | Nationwide
9/8/2021 (Monday) | 11/8/2021 (Wednesday) | Limited capacity | Nationwide
20/9/2021 (Monday) | 22/9/2021 (Wednesday) | Places available | Nationwide
1/11/2021 (Monday) | 3/11/2021 (Wednesday) | Places available | Nationwide
13/12/2021 (Monday) | 15/12/2021 (Wednesday) | Places available | Nationwide
