->

Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide Manage, monitor, and respond to threats

English | 2022 | ISBN: ‎ 1803231890 | 288 pages | True PDF EPUB | 32.16 MB


 

Remediate active attacks to reduce risk to the organization by investigating, hunting, and responding to threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender

Key Features

Detect, protect, investigate, and remediate threats using Microsoft Defender for endpoint

Explore multiple tools using the M365 Defender Security Center

Get ready to overcome real-world challenges as you prepare to take the SC-200 exam

Book Description

Security in information technology has always been a topic of discussion, one that comes with various backgrounds, tools, responsibilities, education, and change! The SC-200 exam comprises a wide range of topics that introduce Microsoft technologies and general operations for security analysts in enterprises. This book is a comprehensive guide that covers the usefulness and applicability of Microsoft Security Stack in the daily activities of an enterprise security operations analyst.

Starting with a quick overview of what it takes to prepare for the exam, you'll understand how to implement the learning in real-world scenarios. You'll learn to use Microsoft's security stack, including Microsoft 365 Defender, and Microsoft Sentinel, to detect, protect, and respond to adversary threats in your enterprise. This book will take you from legacy on-premises SOC and DFIR tools to leveraging all aspects of the M365 Defender suite as a modern replacement in a more effective and efficient way.

By the end of this book, you'll have learned how to plan, deploy, and operationalize Microsoft's security stack in your enterprise and gained the confidence to pass the SC-200 exam.

What you will learn

Discover how to secure information technology systems for your organization

Manage cross-domain investigations in the Microsoft 365 Defender portal

Plan and implement the use of data connectors in Microsoft Defender for Cloud

Get to grips with designing and configuring a Microsoft Sentinel workspace

Configure SOAR (security orchestration, automation, and response) in Microsoft Sentinel

Find out how to use Microsoft Sentinel workbooks to analyze and interpret data

Solve mock tests at the end of the book to test your knowledge

Who this book is for

This book is for security professionals, cloud security eeers, and security analysts who want to learn and explore Microsoft Security Stack. Anyone looking to take the SC-200 exam will also find this guide useful. A basic understanding of Microsoft technologies and security concepts will be beneficial.

Table of Contents

Preparing for the Microsoft Exam and SC-200 Objectives

The Evolution of Security and Security Operations

Implementing Microsoft Defender for Endpoint

Implementing Microsoft Defender for Identity

Understanding and Implementing Microsoft Defender for Cloud (Microsoft Defender for Cloud Standard Tier)

An Overview: Microsoft Defender for Endpoint Alerts, Incidents, Evidence, and Dashboards

Microsoft Defender for Identity: Alerts and Incidents

Microsoft Defender for Office: Threats to Productivity

Microsoft Defender for Cloud Apps and Protecting your Cloud Apps

Setting Up and Configuring Microsoft Sentinel

Advanced Threat Hunting, Microsoft 365 Defender Portal, and Sentinel

Knowledge Check

 

Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide Manage, monitor, and respond to threats

 

 


 TO MAC USERS: If RAR password doesn't work, use this archive program: 

RAR Expander 0.8.5 Beta 4  and extract password protected files without error.


 TO WIN USERS: If RAR password doesn't work, use this archive program: 

Latest Winrar  and extract password protected files without error.


 Themelli   |  

Information
Members of Guests cannot leave comments.




rss