Microsoft Certified: Security Operations Analyst Associate (SC-200)

On this accelerated Microsoft Certified: Security Operations Analyst Associate course, you’ll learn to investigate and respond to threats to your business using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products.

In just 3 days, you’ll build knowledge on collaborating with stakeholders to secure information technology systems for your organisation. You’ll also learn how to:

• Reduce business risk by rapidly remediating active attacks in the environment
• Advising on improvements to threat protection practices
• Refer violations of business policies to appropriate stakeholders

At the end of this course, you’ll sit exam Exam SC-200: Microsoft Security Operations Analyst and achieve your certification. As Firebrand are a Microsoft Gold Partner for Learning, you’ll get access to the official exam, Microsoft Official Curriculum (MOCs) and learn from Microsoft Certified Trainers (MCTs).

Through Firebrand’s Lecture | Lab | Review methodology, you’ll achieve your certification twice as fast as traditional training.

SC-200: Microsoft Certified: Security Operations Analyst Associate:

• Module 1: Introduction to Microsoft Defender XDR threat protection
• Module 2: Mitigate incidents using Microsoft Defender XDR
• Module 3: Protect your identities with Entra ID Protection
• Module 4: Remediate risks with Microsoft Defender for Office 365
• Module 5: Safeguard your environment with Microsoft Defender for Identity
• Module 6: Secure your cloud apps and services with Microsoft Defender for Cloud Apps
• Module 7: Fundamentals of Generative AI
• Module 8: Describe Microsoft Copilot for Security
• Module 9: Describe the core features of Microsoft Copilot for Security
• Module 10: Describe the embedded experiences of Microsoft Copilot for Security
• Module 11: Respond to data loss prevention alerts using Microsoft 365
• Module 12: Manage insider risk in Microsoft Purview
• Module 13: Search and investigate with Microsoft Purview Audit
• Module 14: Investigate threats with Content search in Microsoft Purview
• Module 15: Protect against threats with Microsoft Defender for Endpoint
• Module 16: Deploy the Microsoft Defender for Endpoint environment
• Module 17: Implement Windows security enhancements with Microsoft Defender for Endpoint
• Module 18: Perform device investigations in Microsoft Defender for Endpoint
• Module 19: Perform actions on a device using Microsoft Defender for Endpoint
• Module 20: Perform evidence and entities investigations using Microsoft Defender for Endpoint
• Module 21: Configure and manage automation using Microsoft Defender for Endpoint
• Module 22: Configure for alerts and detections in Microsoft Defender for Endpoint
• Module 23: Utilize Vulnerability Management in Microsoft Defender for Endpoint
• Module 24: Plan for cloud workload protections using Microsoft Defender for Cloud
• Module 25: Connect Azure assets to Microsoft Defender for Cloud
• Module 26: Connect non-Azure resources to Microsoft Defender for Cloud
• Module 27: Manage your cloud security posture management
• Module 28: Explain cloud workload protections in Microsoft Defender for Cloud
• Module 29: Remediate security alerts using Microsoft Defender for Cloud

As part of this accelerated course, you’ll sit for the following exam at the Firebrand Training centre, covered by your Certification Guarantee:

SC-200:

• Manage a security operations environment (20–25%)

• Configure protections and detections (15–20%)

• Manage incident response (35–40%)

• Perform threat hunting (15–20%)

Before taking this accelerated course, you should have a basic understanding of the following topics:

• Microsoft 365
• Microsoft security, compliance, and identity products
• Azure services, specifically Azure SQL Database and Azure Storage
• Azure virtual machines and virtual networking
• Scripting concepts

And an intermediate understanding of the following:

• Windows 10

Your accelerated course includes:

• Accommodation *
• Meals, unlimited snacks, beverages, tea and coffee *
• On-site exams **
• Exam vouchers **
• Practice tests **
• Certification Guarantee ***
• Courseware
• Up to 12 hours of instructor-led training each day
• 24-hour lab access
• Digital courseware **

* For residential training only. Accommodation is included from the night before the course starts. This doesn't apply to online courses.
** Some exceptions apply. Please refer to the Exam Track or speak with our experts.
*** Pass the first time or train again for free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.

Seven reasons why you should sit your course with Firebrand Training

• Three training options. Choose between residential classroom-based, live online, or city-centre courses
• You'll be certified fast. With us, you’ll be trained in record time
• Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
• Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
• You’ll learn more. Our expert instructors cover exclusive additional materials not taught through the official curriculum
• You’ll learn faster. Chances are, you’ll have a different learning style compared to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
• You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals

*For residential training only. Doesn't apply to online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts

Are you ready for the course? 

Get access to free practice tests here:  Free Practice Test