Course: Microsoft Security Operations Analyst (Exam SC-200)
duration: 20 hours |
Language: English (US) |
access duration: 180 days |
Incompany available

Details
Do you want to secure information technology systems in your organisation? Then the Microsoft Security Operations Analyst certification is for you. As a Security Operations Analyst, you can reduce risk for organisations by quickly resolving active attacks, advising on improvements to security practices against threats and referring security policy violations to the appropriate stakeholders.
This course covers four domains that will be tested on the SC-200 exam.
- Threat mitigation using Microsoft 365 Defender (25-30%);
- Threat mitigation using Microsoft Defender for Cloud (25-30%)
- Threat mitigation using Microsoft Sentinel (40-45%) .
Result
After completing this course, you will be able to mitigate security threats using Microsoft 365 Defender, Microsoft Defender for Cloud and Microsoft Sentinel.
You will also be optimally prepared for the Microsoft Security Operations Analyst (SC-200) exam.
Prerequisites
You have knowledge of the following subjects:
- attack vectors;
- cyberthreats;
- incident management ;
- Kusto Query Language (KQL).
You are also familiar with Microsoft 365 and Azure services.
The SC-900 training course helps you to acquire the necessary basic knowledge.
Target audience
System Administrator, Security Specialist
Content
Microsoft Security Operations Analyst (Exam SC-200)
SC-200 Microsoft Security Operations Analyst, Part 1 of 9: Course Overview
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers an
- introduction for what to expect as well as well as setting up
- environment and course overview.
SC-200 Microsoft Security Operations Analyst, Part 2 of 9: Microsoft 365 Defender
The SC-200 Microsoft Security Operations Analyst exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender (25-30%); mitigate threats using Microsoft Defender for Cloud (25-30%); and mitigate threats using Microsoft Sentinel (40-45%) .
SC-200 Microsoft Security Operations Analyst, Part 3 of 9: Microsoft Defender for Endpoint
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Mitigate
- threats using Microsoft Defender for Endpoint.
SC-200 Microsoft Security Operations Analyst, Part 4 of 9: Microsoft Defender for Cloud
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Mitigate
- threats using Microsoft Defender for Cloud.
SC-200 Microsoft Security Operations Analyst, Part 5 of 9: Kusto Query Language
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Kusto Query
- Language queries for Microsoft Sentinel.
SC-200 Microsoft Security Operations Analyst, Part 6 of 9: Configure Microsoft Sentinel
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Configure
- Microsoft Sentinel.
SC-200 Microsoft Security Operations Analyst, Part 7 of 9: Microsoft Sentinel Logging
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Connect logs
- to Microsoft Sentinel.
SC-200 Microsoft Security Operations Analyst, Part 8 of 9: Detection with Microsoft Sentinel
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Detection
- and investigations using Microsoft Sentinel.
SC-200 Microsoft Security Operations Analyst, Part 9 of 9: Microsoft Sentinel Threat Hunting
The SC-200 Microsoft Security Operations Analyst exam measures
- your ability to accomplish the following technical tasks: mitigate
- threats using Microsoft 365 Defender (25-30%); mitigate threats
- using Microsoft Defender for Cloud (25-30%); and mitigate threats
- using Microsoft Sentinel (40-45%) . This course covers Threat
- hunting in Microsoft Sentinel.
Course options
We offer several optional training products to enhance your learning experience. If you are planning to use our training course in preperation for an official exam then whe highly recommend using these optional training products to ensure an optimal learning experience. Sometimes there is only a practice exam or/and practice lab available.
Optional practice exam (trial exam)
To supplement this training course you may add a special practice exam. This practice exam comprises a number of trial exams which are very similar to the real exam, both in terms of form and content. This is the ultimate way to test whether you are ready for the exam.
Optional practice lab
To supplement this training course you may add a special practice lab. You perform the tasks on real hardware and/or software applicable to your Lab. The labs are fully hosted in our cloud. The only thing you need to use our practice labs is a web browser. In the LiveLab environment you will find exercises which you can start immediately. The lab enviromentconsist of complete networks containing for example, clients, servers,etc. This is the ultimate way to gain extensive hands-on experience.
Sign In
WHY_ICTTRAININGEN
Via ons opleidingsconcept bespaar je tot 80% op trainingen
Start met leren wanneer je wilt. Je bepaalt zelf het gewenste tempo
Spar met medecursisten en profileer je als autoriteit in je vakgebied.
Ontvang na succesvolle afronding van je cursus het officiële certificaat van deelname van Icttrainingen.nl
Krijg inzicht in uitgebreide voortgangsinformatie van jezelf of je medewerkers
Kennis opdoen met interactieve e-learning en uitgebreide praktijkopdrachten door gecertificeerde docenten
Orderproces
Once we have processed your order and payment, we will give you access to your courses. If you still have any questions about our ordering process, please refer to the button below.
read more about the order process
Een zakelijk account aanmaken
Wanneer u besteld namens uw bedrijf doet u er goed aan om aan zakelijk account bij ons aan te maken. Tijdens het registratieproces kunt u hiervoor kiezen. U heeft vervolgens de mogelijkheden om de bedrijfsgegevens in te voeren, een referentie en een afwijkend factuuradres toe te voegen.
Betaalmogelijkheden
U heeft bij ons diverse betaalmogelijkheden. Bij alle betaalopties ontvangt u sowieso een factuur na de bestelling. Gaat uw werkgever betalen, dan kiest u voor betaling per factuur.

Cursisten aanmaken
Als u een zakelijk account heeft aangemaakt dan heeft u de optie om cursisten/medewerkers aan te maken onder uw account. Als u dus meerdere trainingen koopt, kunt u cursisten aanmaken en deze vervolgens uitdelen aan uw collega’s. De cursisten krijgen een e-mail met inloggegevens wanneer zij worden aangemaakt en wanneer zij een training hebben gekregen.
Voortgangsinformatie
Met een zakelijk account bent u automatisch beheerder van uw organisatie en kunt u naast cursisten ook managers aanmaken. Beheerders en managers kunnen tevens voortgang inzien van alle cursisten binnen uw organisatie.
What is included?
Certificate of participation | Yes |
Monitor Progress | Yes |
Mobile ready | Yes |
Sharing knowledge | Unlimited access to our IT professionals community |
Study advice | Our consultants are here for you to advice about your study career and options |
Study materials | Certified teachers with in depth knowledge about the subject. |
Service | World's best service |
Platform
Na bestelling van je training krijg je toegang tot ons innovatieve leerplatform. Hier vind je al je gekochte (of gevolgde) trainingen, kan je eventueel cursisten aanmaken en krijg je toegang tot uitgebreide voortgangsinformatie.

FAQ
Niet gevonden wat je zocht? Bekijk alle vragen of neem contact op.