SC-200

What is the SC-200

Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.

My study plan

Study guide: Link to Microsoft FAQ

Instructor Led Courses: Link to learning content

Practice Test: Link to practice test

MS Press Resources: Link to MS Store

MS Exam Sandbox: Link to MS Exam Sandbox

MS Self-Directed Learning: Link to MS learning page

Main areas of focus

  • Manage a security operations environment (25–30%)

  • Configure protections and detections (15–20%)

  • Manage incident response (35–40%)

  • Perform threat hunting (15–20%)
