SEC 320 - Microsoft Security Operations Analysts
Course Description
Microsoft Security Operations Analysts are responsible for protecting an organization’s IT infrastructure against cyber security threats. They have the expertise to proactively identify and mitigate potential security risks, preventing costly and damaging breaches from occurring.
Learn practical knowledge and skills to secure information technology systems and reduce organizational risk. You will learn threat management, monitoring, and response by using a variety of security solutions.
Students will learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products.
This course covers the objectives for Microsoft Exam SC-200: Microsoft Security Operations Analyst.
The University of Calgary is a Microsoft Education Global Training Partner.
Course Details
Learning Outcomes
By the completion of this course, successful students will be able to:
- Configure Microsoft Defender for Endpoint and Microsoft Defender for Cloud to mitigate threats
- Conduct advanced hunting and manage incidents in Microsoft 365 Defender
- Construct KQL statements to filter searches based on event time, severity, domain, and other relevant data
- Perform investigations using Microsoft Sentinel
Topics
- Mitigate threats using Microsoft 365 Defender
- Mitigate threats using Microsoft Defender for Endpoint
- Mitigate threats using Microsoft Defender for Cloud
- Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
- Configure your Microsoft Sentinel environment
- Connect logs to Microsoft Sentinel
- Create detections and perform investigations using Microsoft Sentinel
- Perform threat hunting in Microsoft Sentinel
Notes
This course includes hands-on activities to reinforce the concepts taught and provide a practical learning experience.
Lab access will be provided at no additional cost.
Prerequisites
No mandatory prerequisite.
Self-assessment for enrolment:
A minimum of 6 months relevant working experience and knowledge in:
- Microsoft 365, Microsoft Windows
- Microsoft security, compliance, and identity products
- Azure services, specifically Azure SQL Database and Azure Storage
- Azure VMs and virtual networking
- Scripting language
Recommended prerequisites:
- ICT 902 Microsoft Azure Fundamentals
- ICT 905 Microsoft Azure Data Fundamentals
- CSC 120 Linux Plus
- CSC 130 Security Plus or ICT 907 Security, Compliance, and Identity Fundamentals
Applies Towards the Following Program(s)
- Cloud Security on Microsoft Azure: Required