Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide

You're reading from   Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems

Arrow left icon
Product type Paperback
Published in Mar 2022
Publisher Packt
ISBN-13 9781803231891
Length 288 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Trevor Stuart Trevor Stuart
Author Profile Icon Trevor Stuart
Trevor Stuart
Joe Anich Joe Anich
Author Profile Icon Joe Anich
Joe Anich
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Section 1 – Exam Overview and Evolution of Security Operations
2. Chapter 1: Preparing for Your Microsoft Exam and SC-200 Objectives FREE CHAPTER 3. Chapter 2: The Evolution of Security and Security Operations 4. Section 2 – Implementing Microsoft 365 Defender Solutions
5. Chapter 3: Implementing Microsoft Defender for Endpoint 6. Chapter 4: Implementing Microsoft Defender for Identity 7. Chapter 5: Understanding and Implementing Microsoft Defender for Cloud (Microsoft Defender for Cloud Standard Tier) 8. Section 3 – Familiarizing Yourself with Alerts, Incidents, Evidence, and Dashboards
9. Chapter 6: An Overview: Microsoft Defender for Endpoint Alerts, Incidents, Evidence, and Dashboards 10. Chapter 7: Microsoft Defender for Identity, What Happened, Alerts, and Incidents 11. Chapter 8: Microsoft Defender for Office – Threats to Productivity 12. Chapter 9: Microsoft Defender for Cloud Apps and Protecting Your Cloud Apps 13. Section 4 – Setting Up and Connecting Data Sources to Microsoft Sentinel
14. Chapter 10: Setting Up and Configuring Microsoft Sentinel 15. Section 5 – Hunting Threats within Microsoft 365 Defender and Microsoft Sentinel
16. Chapter 11: Advanced Threat Hunting, Microsoft 365 Defender Portal, and Sentinel 17. Chapter 12: Knowledge Check 18. Other Books You May Enjoy

Chapter 1: Preparing for Your Microsoft Exam and SC-200 Objectives

Welcome to Microsoft SC-200 Exam Prep and Beyond and Chapter 1, Preparing for Your Microsoft Exam and SC-200 Objectives. This chapter is dedicated to ensuring that you are ready for the Microsoft SC-200 exam and that you fully understand the objectives, along with how they apply in the real world. It's one thing to pass an exam but a whole other thing to apply exam topics to your day-to-day job. Let's get into it!

In both traditional and modern enterprises, the Microsoft security operations analyst is the key pivot point and collaborator with both individual contributors and enterprise stakeholders. This role in most organizations has one goal in mind – to protect against, secure against, detect, and respond to threats present in an enterprise as expeditiously as possible. They are responsible for reducing organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate teams and stakeholders. Historically, this level of responsibility came with a lot of tooling, alert fatigue, manual or human interaction in investigations, and so on.

What we hope to make clear is that there has been a massive evolution of security operations for most enterprises. Tooling has changed, and the power of the cloud has added great value to tools that Security Operations Team (SOC) analysts are required to use day to day to successfully deliver in the Microsoft security operations analyst position for enterprises today.

This chapter will cover the following topics to get us started:

  • Preparing for a Microsoft exam
  • Introducing the resources available and accessing Microsoft Learn
  • Creating a Microsoft demo tenant

It is important to note that in November 21 some Microsoft Security Services have been renamed. These are renamed as follows:

  • Microsoft Cloud App Security (MCAS) is now called Microsoft Defender for Cloud Apps
  • System Center Configuration Manager (SCCM) is now called Microsoft Endpoint Configuration Manager (MECM)
  • Azure Sentinel is now called Microsoft Sentinel
  • Azure defender is now Microsoft Defender for Cloud
  • Azure Security Center is now called Microsoft Defender for Cloud
  • Playbook is now called Workflow automation
You have been reading a chapter from
Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide
Published in: Mar 2022
Publisher: Packt
ISBN-13: 9781803231891
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime