You're reading from Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781803231891

Length 288 pages

Edition 1st Edition

Tools

Microsoft Sentinel

Concepts

Cybersecurity

Authors (2):

Trevor Stuart

Joe Anich

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1 – Exam Overview and Evolution of Security Operations

2. Chapter 1: Preparing for Your Microsoft Exam and SC-200 Objectives FREE CHAPTER

3. Chapter 2: The Evolution of Security and Security Operations

4. Section 2 – Implementing Microsoft 365 Defender Solutions

5. Chapter 3: Implementing Microsoft Defender for Endpoint

6. Chapter 4: Implementing Microsoft Defender for Identity

7. Chapter 5: Understanding and Implementing Microsoft Defender for Cloud (Microsoft Defender for Cloud Standard Tier)

8. Section 3 – Familiarizing Yourself with Alerts, Incidents, Evidence, and Dashboards

9. Chapter 6: An Overview: Microsoft Defender for Endpoint Alerts, Incidents, Evidence, and Dashboards

10. Chapter 7: Microsoft Defender for Identity, What Happened, Alerts, and Incidents

11. Chapter 8: Microsoft Defender for Office – Threats to Productivity

12. Chapter 9: Microsoft Defender for Cloud Apps and Protecting Your Cloud Apps

13. Section 4 – Setting Up and Connecting Data Sources to Microsoft Sentinel

14. Chapter 10: Setting Up and Configuring Microsoft Sentinel

15. Section 5 – Hunting Threats within Microsoft 365 Defender and Microsoft Sentinel

16. Chapter 11: Advanced Threat Hunting, Microsoft 365 Defender Portal, and Sentinel

17. Chapter 12: Knowledge Check

18. Other Books You May Enjoy

Summary

Alright, so, MDI – what a cool product, and easy to install, right? We'll talk so much more about it in terms of how it works from a threat-hunting standpoint in Chapter 7, Microsoft Defender for Identity: Alerts and Incidents where we will discuss alerts, incidents, evidence, and timelines. We just had to get through the setup first to make sure that we set ourselves up for success. So, what did we learn in this chapter? Let's recap together:

Understanding prerequisites: We talked about all the work we need to put in ahead of time to ensure that our deployments are successful and that our environment is in optimal shape.
Deployment options: Here, we talked about the various ways to install, whether that was by manual GUI installation, silent installation, or even an MECM deployment option.
Troubleshooting guide: In this section, we touched on the more common issues you'll run into and what we can do to address them. I also provided the...

The rest of the chapter is locked

You're reading from Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems

Table of Contents (19) Chapters

Summary

Unlock this book and the full library FREE for 7 days

Authors (2)

Personalised recommendations for you