Description
Duration: 4 days
SC-200T00 covers how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud. Students learn to configure Microsoft Sentinel and write Kusto Query Language (KQL) queries for detection, analysis, and reporting. The course targets professionals working in security operations roles and aligns with the SC-200: Microsoft Security Operations Analyst exam.
Target Audience
- Security Operations Analysts
- SOC Analysts
- Threat Hunters
- Incident Responders
Prerequisites
- Basic familiarity with Microsoft 365
- General knowledge of Microsoft security, compliance, and identity products
- Intermediate-level experience with Windows 10
- Working knowledge of Azure services, including Azure SQL Database and Azure Storage
- Familiarity with Azure virtual machines and virtual networking concepts
- Basic understanding of scripting concepts
What’s included?
- Authorized Courseware
- Intensive Hands-on Skills Development with an Experienced Subject Matter Expert
- Hands-on practice on real servers and extended lab support 1.800.482.3172
- Examination Vouchers & Onsite Certification Testing (excluding Adobe and PMP Boot Camps)
- Academy Code of Honor: Test Pass Guarantee
- Optional: Package for Hotel Accommodations, Lunch and Transportation
With several convenient training delivery methods offered, The Code Academy makes getting the training you need easy. Whether you prefer to learn in a classroom, in a live online virtual environment, through training videos hosted online, or in private group classes hosted at your site, we offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Code Academy for an engaging and effective learning experience.
Methods
- Instructor Led (the best training format we offer)
- Live Online Classroom – Online Instructor Led
- Self-Paced Video
Speak to an Admissions Representative for complete details
| Start | Finish | Public Price | Public Enroll | Private Price | Private Enroll |
|---|---|---|---|---|---|
| 5/25/2026 | 5/28/2026 | | | | |
| 6/15/2026 | 6/18/2026 | | | | |
| 7/6/2026 | 7/9/2026 | | | | |
| 7/27/2026 | 7/30/2026 | | | | |
| 8/17/2026 | 8/20/2026 | | | | |
| 9/7/2026 | 9/10/2026 | | | | |
| 9/28/2026 | 10/1/2026 | | | | |
| 10/19/2026 | 10/22/2026 | | | | |
| 11/9/2026 | 11/12/2026 | | | | |
| 11/30/2026 | 12/3/2026 | | | | |
| 12/21/2026 | 12/24/2026 | | | | |
| 1/11/2027 | 1/14/2027 | | | | |
| 2/1/2027 | 2/4/2027 | | | | |
| 2/22/2027 | 2/25/2027 | | | | |
| 3/15/2027 | 3/18/2027 | | | | |
| 4/5/2027 | 4/8/2027 | | | | |
| 4/26/2027 | 4/29/2027 | | | | |
Learning Objectives
- Investigate, respond to, and hunt for threats using Microsoft Sentinel
- Investigate, respond to, and hunt for threats using Microsoft Defender XDR
- Investigate, respond to, and hunt for threats using Microsoft Defender for Cloud
- Apply Microsoft security operations technologies to reduce cyberthreats
- Set up and operate Microsoft Sentinel as a SIEM/SOAR platform
- Write Kusto Query Language (KQL) queries to support detection, analysis, and reporting
- Prepare for the SC-200: Microsoft Security Operations Analyst certification exam
Course Outline
Module 1: Threat Mitigation with Microsoft Defender XDR
Overview of Microsoft Defender XDR threat protection capabilities, managing incidents and alerts across Microsoft 365 Defender products, and working with the Defender suite—including Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps—to investigate and respond to threats.
Module 2: Threat Mitigation with Microsoft Defender for Cloud
Using Microsoft Defender for Cloud to protect hybrid and multi-cloud environments, configuring security policies, assessing security posture, and reviewing and remediating alerts and recommendations produced by Defender for Cloud.
Module 3: Threat Mitigation with Microsoft Sentinel
Deploying and configuring Microsoft Sentinel as a cloud-native SIEM and SOAR solution, connecting data sources, building analytics rules for threat detection, handling incidents, automating responses with playbooks, and using Kusto Query Language (KQL) for threat hunting, detection, and reporting.