Get Unlimited Microsoft Training With A Firebrand FastPass

Microsoft - Certified: Security Operations Analyst Associate

Duration:

Only 3 Days

Method:

Classroom / Online / Hybrid

Next date:

28/6/2021 (Monday)

Overview

Check out our Microsoft New Security Certifications blog for more information on Microsoft's new Security Career Pathway.

On this accelerated Microsoft Certified: Security Operations Analyst Associate course, you’ll learn to investigate and respond to threats to your business using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products.

In just 3 days, you’ll build knowledge on collaborating with stakeholders to secure information technology systems for your organisation. You’ll also learn how to:

Reduce business risk by rapidly remediating active attacks in the environment
Advising on improvements to threat protection practices
Refer violations of business policies to appropriate stakeholders

At the end of this course, you’ll sit exam Exam SC-200: Microsoft Security Operations Analyst (currently beta) and achieve your certification. As Firebrand are a Microsoft Gold Partner for Learning, you’ll get access to the official exam, Microsoft Official Curriculum (MOCs) and learn from Microsoft Certified Trainers (MCTs).

Through Firebrand’s Lecture | Lab | Review methodology, you’ll achieve your certification twice as fast as traditional training.

See prices now to find out how much you could save when you train at twice the speed.

See prices

Seven reasons why you should sit your course with Firebrand Training

Two options of training. Choose between residential classroom-based, or online courses
You'll be certified in just 3 days. With us, you’ll be trained in record time
Our course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
Pass first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
You’ll learn more. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
You’ll be studying with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 102,779 professionals, and we’re partners with all of the big names in the business

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

Free Practice Test

Benefits

Use your free Microsoft training vouchers

You may be entitled to heavily-discounted training via Microsoft's Software Assurance Training Voucher (SATV) scheme. If your business has bought Microsoft software, check to see if it came bundled with free training vouchers! Vouchers can be exchanged against training for all Microsoft technologies. If you’re unsure, get in touch with us

Benefits of Training with Firebrand

Two options of training - Residential classroom-based, or online courses
A purpose-built training centre – get access to dedicated Pearson VUE Select facilities
Certification Guarantee – pass first time or train again free (just pay for accommodation, exams and incidental costs)
Everything you need to certify – you’ll sit your exam at the earliest available opportunity after the course - either immediately after your classroom course, or as soon as there are slots available, if you've taken it online
No hidden extras – one cost covers everything you need to certify

Curriculum

Course SC-200T00-A: Microsoft Security Operations Analyst

Module 1: Mitigate threats using Microsoft Defender for Endpoint

Protect against threats with Microsoft Defender for Endpoint
Deploy the Microsoft Defender for Endpoint environment
Implement Windows 10 security enhancements with Microsoft Defender for Endpoint
Manage alerts and incidents in Microsoft Defender for Endpoint
Perform device investigations in Microsoft Defender for Endpoint
Perform actions on a device using Microsoft Defender for Endpoint
Perform evidence and entities investigations using Microsoft Defender for Endpoint
Configure and manage automation using Microsoft Defender for Endpoint
Configure for alerts and detections in Microsoft Defender for Endpoint
Utilise Threat and Vulnerability Management in Microsoft Defender for Endpoint

Module 2: Mitigate threats using Microsoft 365 Defender

Introduction to threat protection with Microsoft 365
Mitigate incidents using Microsoft 365 Defender
Protect your identities with Azure AD Identity Protection
Remediate risks with Microsoft Defender for Office 365
Safeguard your environment with Microsoft Defender for Identity
Secure your cloud apps and services with Microsoft Cloud App Security
Respond to data loss prevention alerts using Microsoft 365
Manage insider risk in Microsoft 365

Module 3: Mitigate threats using Azure Defender

Plan for cloud workload protections using Azure Defender
Explain cloud workload protections in Azure Defender
Connect Azure assets to Azure Defender
Connect non-Azure resources to Azure Defender
Remediate security alerts using Azure Defender

Module 4: Create queries for Azure Sentinel using Kusto Query Language (KQL)

Construct KQL statements for Azure Sentinel
Analyse query results using KQL
Build multi-table statements using KQL
Work with data in Azure Sentinel using Kusto Query Language

Module 5: Configure your Azure Sentinel environment

Introduction to Azure Sentinel
Create and manage Azure Sentinel workspaces
Query logs in Azure Sentinel
Use watchlists in Azure Sentinel
Utilise threat intelligence in Azure Sentinel

Module 6: Connect logs to Azure Sentinel

Connect data to Azure Sentinel using data connectors
Connect Microsoft services to Azure Sentinel
Connect Microsoft 365 Defender to Azure Sentinel
Connect Windows hosts to Azure Sentinel
Connect Common Event Format logs to Azure Sentinel
Connect syslog data sources to Azure Sentinel
Connect threat indicators to Azure Sentinel

Module 7: Create detections and perform investigations using Azure Sentinel

Threat detection with Azure Sentinel analytics
Threat response with Azure Sentinel playbooks
Security incident management in Azure Sentinel
Use entity behaviour analytics in Azure Sentinel
Query, visualise, and monitor data in Azure Sentinel

Module 8: Perform threat hunting in Azure Sentinel

Threat hunting with Azure Sentinel
Hunt for threats using notebooks in Azure Sentinel

Exam Track

As part of your accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered by your Certification Guarantee:

Exam SC-200: Microsoft Security Operations Analyst - currently beta

Exam code: SC-200
English: Language
Domains:

Mitigate threats using Microsoft 365 Defender (25-30%)
Mitigate threats using Azure Defender (25-30%)
Mitigate threats using Azure Sentinel (40-45%)

What's Included

Your accelerated course includes:

Accommodation *
Meals, unlimited snacks, beverages, tea and coffee *
On-site exams **
Exam vouchers **
Practice tests **
Certification Guarantee ***
Courseware
Up-to 12 hours of instructor-led training each day
24-hour lab access
Digital courseware **

* For residential training only. Doesn't apply for online courses
** Some exceptions apply. Please refer to the Exam Track or speak with our experts
*** Pass first time or train again free (just pay for accommodation, exams and incidental costs)

Prerequisites

Before taking this accelerated course, you should have a basic understanding of the following topics:

Microsoft 365
Microsoft security, compliance, and identity products
Azure services, specifically Azure SQL Database and Azure Storage
Azure virtual machines and virtual networking
Scripting concepts

And an intermediate understanding of the following:

Windows 10

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

Reviews

Here's the Firebrand Training review section. Since 2001 we've trained exactly 102,779 students and asked them all to review our Accelerated Learning. Currently, 96.68% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.

"Intense but rewarding."
K.C.. (29/3/2021 (Monday) to 3/4/2021 (Saturday))

"Intensive immersion in the subject matter, but as always excellent training to get a good foot hold on the material!"
J.H.. (29/3/2021 (Monday) to 3/4/2021 (Saturday))

"Really high-quality training with plentiful resources to get a beginner started. This has given me the confidence to get certified later on this month."
W.B.. (26/3/2021 (Friday) to 26/3/2021 (Friday))

"All in all great experience. I am new to Azure and I learned a whole lot in the Data Fundamentals course. The instructor did a great job as the online tutor! Will come back in time for more, thanks."
Yanick Fischer, Student. (26/3/2021 (Friday) to 26/3/2021 (Friday))

"It has been really useful to develop my knowledge!"
A.F.. (26/3/2021 (Friday) to 26/3/2021 (Friday))

Course Dates

Start	Finish	Status	Location
22/2/2021 (Monday)	24/2/2021 (Wednesday)	Finished - Leave feedback	-
28/6/2021 (Monday)	30/6/2021 (Wednesday)	Wait list	Nationwide
9/8/2021 (Monday)	11/8/2021 (Wednesday)	Limited availability	Nationwide
20/9/2021 (Monday)	22/9/2021 (Wednesday)	Open	Nationwide
1/11/2021 (Monday)	3/11/2021 (Wednesday)	Open	Nationwide
13/12/2021 (Monday)	15/12/2021 (Wednesday)	Open	Nationwide