SC-200: Microsoft Security Operations Analyst

Focused View

Anand Rao Nednur

12:43:04

74 View

1 - Introduction

1 - Mandiant-Forecast-Report-2023.pdf

1 - SC-200-Learning-Resources.pdf

1 - SKILLS-GAINED-SC-200.pdf

1 - The Need for SOC Team.mp4

04:18

2 - SC200 Microsoft Security Operations Analyst Course Introduction.mp4

02:30

2 - SC-200-Reviews.pdf

3 - Microsoft-Digital-Defense-Report-2022.pdf

3 - SC 200 May 2022 Update.mp4

01:56

3 - sc 200 course details from ms and other references.zip

4 - Reviews Thank You.mp4

00:53

2 - Module 1 Mitigate threats using Microsoft 365 Defender

5 - Module 1 Learning Objectives.mp4

01:09

6 - Introduction to Threat Protection.mp4

03:24

7 - Microsoft 365 Defender Suite.mp4

01:30

8 - Typical Timeline of An Attack.mp4

02:41

9 - Microsoft 365 Defender Interactive Demonstration.mp4

02:09

10 - Mitigate incidents using Microsoft 365 Defender Chapter Introduction.mp4

02:01

11 - How to Create your Playground Lab Environment.mp4

05:18

11 - set up your microsoft 365 defender trial in a lab environment.zip

12 - Microsoft 365 Defender portal Introduction.mp4

04:16

13 - Managing Incidents.mp4

02:41

14 - More about incidents.mp4

03:52

15 - Simulate Incidents Tor Browser.mp4

01:50

16 - Managing Incidents.mp4

02:41

17 - Managing Alerts.mp4

05:40

18 - Investigating Incidents MITRE ATTACK.mp4

07:55

19 - Advance Hunting.mp4

01:54

20 - Advance Hunting Schema.mp4

04:27

21 - Exploring the Kusto Queries.mp4

07:38

22 - Microsoft Threat Experts.mp4

01:47

23 - Microsoft Defender for Office 365 Chapter Introduction.mp4

00:37

24 - MIcrosoft Defender for Office 365 Key Capabilities.mp4

04:21

25 - Microsoft Defender for Office 365 Key Capabilities II.mp4

02:45

26 - Safeguard Your Organization M365 Defender for O365 Lab I.mp4

10:46

27 - Safeguard Your Organization M365 Defender for O365 Lab II.mp4

02:33

28 - Attack Simulation Lab Activity.mp4

10:09

29 - Microsoft Defender for Identity Introduction.mp4

00:41

30 - What is Microsoft Defender for Identity.mp4

01:20

31 - Microsoft Defender for Identity Key Capabilities.mp4

06:23

32 - Installing Sensors on Domain Controller 1.mp4

03:40

33 - Installing Sensors on Domain Controller 2.mp4

02:06

34 - Capturing Lateral Movements.mp4

10:53

35 - Threat Hunting Lab.mp4

05:48

36 - Microsoft Defender for Identity Sensors Architecture.mp4

01:13

37 - Protect Your Identities with Azure AD Identity Protection Introduction.mp4

01:17

38 - User Risks SignIn Risks.mp4

03:14

39 - User risk policy Sign in risk policy Lab Activity.mp4

07:11

40 - Cloud App Security Introduction.mp4

00:48

41 - The Cloud App Security Framework.mp4

04:16

42 - Conditional Access App Controls.mp4

05:39

43 - What is Information Protection.mp4

02:44

44 - Insider Risk Management Enable Auditing.mp4

00:43

45 - Phases of Cloud App security.mp4

03:05

46 - Cloud App security Phases Lab Activity.mp4

05:56

47 - Data Loss Prevention Chapter Intro.mp4

01:01

48 - DLP Alerts.mp4

02:16

49 - Create Policies for DLP in Compliance Portal.mp4

06:45

50 - Insider Risk Management.mp4

01:05

51 - What is Insider Risk.mp4

04:01

52 - Pain points of a Modern Workplace.mp4

01:46

53 - Insider Risk management with M365 Defender.mp4

01:45

54 - Insider Risk Management Permissions.mp4

04:14

55 - Module 1 Summary.mp4

01:01

3 - Module 2 Mitigate threats using Microsoft Defender for Endpoint

56 - Module 2 Introduction.mp4

00:49

56 - microsoft defender experts for hunting.zip

56 - microsoft defender experts for hunting proactively hunts threats.zip

57 - Defender for Endpoint Features.mp4

02:40

58 - Defender for Endpoint Terminology.mp4

01:53

59 - Onboarding devices to Defender.mp4

13:02

59 - onboarding devices using gpo refernce.zip

60 - Windows 10 Security Enhancements Chapter Introduction.mp4

01:03

61 - Attack Surface Reduction Rules.mp4

03:35

62 - Attack Surface Rules.mp4

08:05

63 - Device Inventory.mp4

04:42

64 - Device Investigation Alerts.mp4

08:19

65 - Behavioral Blocking.mp4

02:29

66 - Client Behavioral Blocking.mp4

01:29

67 - EDR Block Mode.mp4

01:08

68 - EDR Block Mode Lab Activity.mp4

02:09

69 - Performing Actions on the device.mp4

11:02

70 - Live Response.mp4

04:54

71 - Perform Evidence and Entities Investigations.mp4

02:41

72 - User Investigations.mp4

03:50

73 - Advance Automated Remediation Features Endpoint.mp4

04:07

74 - Managing File Uploads.mp4

01:59

75 - Automation folder exclusion.mp4

01:31

76 - File Level Investigation.mp4

07:41

77 - Automating Device group remediation.mp4

03:24

78 - Blocking Risky Devices using Intune Defender and Azure AD.mp4

10:09

79 - Configure Alerts and Detections Chapter Introduction.mp4

00:52

80 - Configuring Advance Features.mp4

02:16

81 - Configuring Email Notifications.mp4

05:13

82 - Indicators of Compromise.mp4

04:53

83 - 28 Threat and Vulnerability Management Chapter Introduction.mp4

00:58

84 - 29 Threat and Vulnerability Management Explanation.mp4

05:36

85 - Module 2 Summary.mp4

02:25

4 - Module 3 Mitigate threats using Microsoft Defender for Cloud

86 - Module 3 Introduction.mp4

01:08

87 - What is Azure Security Center.mp4

02:47

88 - Microsoft Defender for cloud Features.mp4

06:38

89 - Azure Defender for Cloud Lab Activity.mp4

12:53

90 - CSPM and CWP.mp4

01:48

91 - What resources are protected using Microsoft Defender.mp4

01:32

92 - Benefits of Azure Defender for servers.mp4

08:24

93 - Defender for App services.mp4

03:48

94 - Defender for App services Lab.mp4

02:51

95 - Defender for Storage Lab.mp4

06:24

96 - Defender for SQL LAB.mp4

06:43

97 - Defender for Keyvault.mp4

02:27

98 - Defender for DNS.mp4

03:14

99 - Defender for Kubernetes.mp4

06:24

100 - Defender for Container Registry.mp4

03:57

101 - Connect Azure assets to Azure Defender Chapter introduction.mp4

00:39

102 - Asset Inventory LAB.mp4

04:42

103 - Auto provisioning.mp4

04:19

104 - Stored Event types.mp4

02:13

105 - Manual Provisioning.mp4

00:42

106 - Connect nonAzure reosurces to Defender.mp4

00:36

107 - Onboarding Methods.mp4

00:59

108 - Onboard GCP instance to Azure ARC.mp4

09:00

109 - Onboarding AWS Services to Defender for cloud.mp4

07:02

110 - Remediating Security Alerts Chapter Intro.mp4

00:48

111 - Changing World and Attackers.mp4

02:18

112 - What are Security alerts and notifications.mp4

01:21

113 - How does defender work.mp4

03:44

114 - Alert Severity Level.mp4

02:06

115 - Continuous Monitoring and assesments.mp4

01:35

116 - Mitre Attack tactics and alert types.mp4

04:40

117 - Remediating Alerts.mp4

02:53

118 - Automated Responses.mp4

02:41

119 - Alert Supression.mp4

02:56

120 - Module 3 Summary.mp4

01:09

5 - Module 4 Create Queries for Microsoft Sentinel using Kusto Query Language

121 - Module 4 Introduction.mp4

01:21

122 - The Construct of KQL Language.mp4

02:08

123 - The Lab Environment.mp4

04:15

124 - Declaring Variables with Let.mp4

05:30

125 - Search and Where Operator.mp4

06:18

126 - Extend Operator.mp4

03:13

127 - Order By Usage.mp4

03:28

128 - Project Operator.mp4

06:53

129 - Summarize Count and DCount Functions.mp4

08:53

130 - ArgMax and ArgMin Functions.mp4

03:12

131 - MakeList and MakeSet Functions.mp4

03:14

132 - Render Operator.mp4

10:35

133 - Bin Function.mp4

05:05

134 - Union Operator.mp4

03:19

135 - Module 4 Summary.mp4

01:01

6 - Module 5 Microsoft Sentinel Environment Configuration

136 - What is a SIEM Solution.mp4

01:55

136 - microsoft defender experts for xdr.zip

137 - Azure-Sentinel-Use-Cases-for-ATT-CK-based-Detection-Mitig.pdf

137 - Microsoft-Sentinel-Deployment-Best-Practices-Guide.pdf

137 - What is Microsoft Sentinel.mp4

02:28

138 - Microsoft Sentinel Components.mp4

00:22

139 - Data Connectors.mp4

00:59

140 - Log Retention.mp4

00:52

141 - Workbooks.mp4

00:49

142 - Analytics Alerts.mp4

00:47

143 - Threat Hunting.mp4

00:43

144 - Incidents Investigations.mp4

00:47

145 - Automation Playbooks.mp4

01:16

146 - Creating Azure Sentinel Workspace.mp4

04:15

147 - Azure Sentinel RBAC.mp4

08:46

148 - Data Connectors.mp4

05:37

149 - OnBoarding Windows host to Sentinel.mp4

03:21

150 - Ingesting Events to Sentinel.mp4

02:43

151 - Sentinel Watchlist.mp4

02:09

152 - Sentinel Creating a watchlist for Tor Nodesedited.mp4

06:48

153 - Sentinel Create Hunting Query.mp4

17:18

154 - Sentinel Live Stream.mp4

01:52

155 - Sentinel Capturing traffic from TOR Exit Nodes.mp4

07:49

156 - Sentinel Create Analytical Rules.mp4

07:42

157 - Analytical Rule Type Fusion.mp4

04:10

158 - Analytical Rule Types Security Types.mp4

01:36

159 - Analytical Rule Types ML based Behavioral Analytics.mp4

01:09

160 - Analytical Rule Types Anomaly Scheduled Alerts and NRT.mp4

02:23

161 - Creating Anayltics Rules based on Template.mp4

02:00

162 - Creating Analytic Rules based on Wizard.mp4

07:51

163 - Managing the Rules.mp4

02:53

164 - Define Threat Intelligence CTI.mp4

03:11

165 - Create TI Lab Activity.mp4

05:40

7 - Module 6 Microsoft Sentinel Environment Connecting Logs

166 - Module 6 Introduction.mp4

00:35

167 - Connect M365 Defender to Sentinel.mp4

01:10

168 - Office 365 Log Connector.mp4

02:22

169 - Azure Activity Log Connector.mp4

02:06

170 - Azure Active Directory Identity Protection Connector.mp4

02:25

171 - Defender for Office 365 Connector.mp4

02:32

172 - Defender for Endpoint Connector.mp4

04:21

173 - Connect Threat Indicators to Microsoft Sentinel.mp4

06:09

8 - Microsoft Sentinel Environment IncidentsThreat Response UEBA and Monitoring

174 - Module 7 Introduction.mp4

00:33

175 - Key Concepts of Incident Management.mp4

01:08

176 - Investigations in Azure Sentinel.mp4

03:41

177 - Key Concepts of Incident Management II.mp4

02:21

178 - Incident Management in Microsoft Sentinel I.mp4

06:12

179 - Incident Management in Microsoft Sentinel II.mp4

05:20

180 - Brute Force attack against Azure Portal Simulation.mp4

04:06

181 - Threat Response with Microsoft Sentinel Playbooks Introduction Use Case.mp4

02:35

182 - Step 1 Creating Analytical Rule to look for Role membership changes.mp4

05:51

183 - Step 2 Integrate Log Analytics with Azure AD Audit Logs.mp4

03:11

184 - Step 3 Verify Log Analytics.mp4

02:07

185 - Step 4 Incident Creation in Sentinel.mp4

03:18

186 - Step 5 Create Logic App to Integrate with Microsoft Teams.mp4

10:07

187 - Step 6 Edit Analytical Rule to add Logic App Playbooks.mp4

01:41

188 - Finally Testing the Integration.mp4

03:08

189 - UEBA User Entity Behavior Analytics Introduction.mp4

05:05

190 - Entity Behaviour Lab I.mp4

04:18

191 - Entity Behaviour Lab II.mp4

04:44

192 - Workbooks Introduction.mp4

01:26

193 - Create Workbooks Using Template.mp4

08:36

194 - Create Workbook from scratch.mp4

07:04

194 - Microsoft-Sentinel-Technical-Playbook-for-MSSPs.pdf

9 - Module 8 Perform Threat Hunting with Microsoft Sentinel

195 - Module 8 Introduction.mp4

00:42

196 - Cyber Security Threat Hunting.mp4

03:01

197 - The Need for Proactive Hunting.mp4

02:21

198 - Develop a Threat Hunting Hypothesis.mp4

03:59

199 - Threat Hunting Recap.mp4

06:09

200 - Notebooks Introduction.mp4

01:09

201 - Sentinel Notebooks Lab Activity.mp4

08:42

10 - SC 200 Microsoft Security Operations Analyst Course Summary

202 - SC 200 Microsoft Security Operations Analyst Course Summary.mp4

03:26

202 - additional basic and advance training links from ms.zip

202 - additional microsoft resources and refernce.zip

202 - defender for cloud training links from ms.zip

202 - defender for endpoint training link and references from ms.zip

202 - defender for identity training and reference links from ms.zip

202 - defender for office 365 training from ms.zip

202 - microsoft defender for iot training from ms.zip

202 - microsoft identity training links from ms.zip

Description

Become a Microsoft SOC engineer Today!! Learn through lab excercises and practical demonstrations

What You'll Learn?

Define the capabilities of Microsoft Defender for Endpoint.
Understand how to hunt threats within your network.
Explain how Microsoft Defender for Endpoint can remediate risks in your environment.
Create a Microsoft Defender for Endpoint environment
Onboard devices to be monitored by Microsoft Defender for Endpoint
Configure Microsoft Defender for Endpoint environment settings
Investigate incidents in Microsoft Defender for Endpoint
Investigate alerts in Microsoft Defender for Endpoint
Perform advanced hunting in Microsoft Defender for Endpoint
Configure alert settings in Microsoft Defender for Endpoint
Construct KQL statements
Manage indicators in Microsoft Defender for Endpoint
Describe Threat and Vulnerability Management in Microsoft Defender for Endpoint
Identify vulnerabilities on your devices with Microsoft Defender for Endpoint
Track emerging threats in Microsoft Defender for Endpoint

Who is this for?

Participants aspiring for SC 200 Certification

Everyone who aspires to work in the modern age SOC environment

Anyone wants to learn the M365 defender Suite of services

More details

Description

There is no short cut to learning Azure security. This course teaches you how to learn it the right way with tons of labs excercises and the right volume of labs .
The Microsoft Security Operations Analyst works with organizational stakeholders to secure the organization's information technology systems. Their mission is to reduce corporate risk by quickly resolving active attacks in the environment, advising on threat protection practices, and reporting policy violations to the proper stakeholders.
Threat management, monitoring, and response using a variety of security technologies across their environment are among their responsibilities. Using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security tools, the position primarily investigates, responds to, and hunts for threats. The security operations analyst is a key stakeholder in the configuration and implementation of these technologies since they consume the operational output of these solutions.
The following topics needs to be completed in order to achieve SC - 200 Certification.

Module 1 Mitigate threats using Microsoft 365 Defender
Module 2 Mitigate threats using Microsoft Defender for Endpoint
Module 3 Mitigate threats using Azure Defender
Module 4 Create queries for Azure Sentinel using Kusto Query Language
Module 5 Microsoft Sentinel Environment - Configuration
Module 6 Microsoft Sentinel Environment - Connecting Logs
Module 7 Microsoft Sentinel Environment - Incidents,Threat Response , UEBA and Monitoring
Module 8 Module 8 Perform Threat Hunting with Microsoft Sentinel
You will learn to Implement the Microsoft Defender for Endpoint platform to detect, investigate, and respond to advanced threats.
This learning path aligns with exam SC-200: Microsoft Security Operations Analyst Exam.

Reviews from Participants -

In the beginning I was a little intimidated by the immensity of Microsoft security environment, but getting along with the course it all clicked in my head. The concepts are presented at a very good pace and I like that the information is on point. Segmenting the videos in small chunks is also beneficial for time management. I really appreciate and recommend this course! - Adrian Carbune
Great course. I learned a lot about Defender and Sentinel. I especially liked the module on KQL. IMO, it's the best tutorial on Kusto that I've found on the web. If Anand were to create a course that went in-depth on KQL I would certainly purchase it.
-Bill Jones
Anand has structured the course well, so that anyone, irrespective of their experience in Security, would be able to follow with ease. The course aligns very well with the Certification track. I strongly recommend this course to anyone who is interested in understanding Security.
-Moses M
am truley satisfied with this course. Anand nails the security features of M 365 defender suite. The graphics , narration and worlkflows are commendable. Just labs, labs and labs . Its all about getting straight to the point. Great Job!!!
-Gaurav
Great course, congratulations to teacher! Help me a lot to gain very knowledge about Defender and Sentinel. I appreciate it!!!
-Alexandre Gammaro
It was one of the The best course .Your are an amazing Instructor.
-Navid
This course is Awsome! One of the best I've ever made over here in Udemy platform.
-Mauricio Kobayashi
Who this course is for:
Participants aspiring for SC 200 Certification
Everyone who aspires to work in the modern age SOC environment
Anyone wants to learn the M365 defender Suite of services

User Reviews

Rating

average 0

Total votes0

Focused display

Anand Rao is a senior technical instructor and cloud consultant. He has worked with large enterprises for about 15 years and has a wide range of technologies in his portfolio. Anand is adept at not just cloud platforms (Azure , AWS and GCP) but also well-versed with IAM, security and automation with powershell and python.In addition, he has been developing and updating the content for various courses. He has been assisting many engineers in the lab examinations and securing certifications.Anand Rao has delivered instructor led trainings in several states in India as well as several countries like USA, Bahrain, Kenya and UAE. He has worked as a Microsoft Certified Trainer globally for Corporate Major Clients.Anand is also a Certified seasoned professional holding certifications in following platforms: Microsoft Certified Trainer ( MCT ) SY0-401 : CompTIA Security + Scrum Certified master ( SCRUM ) ITIL V3 Certified Network Defender ( CND – EC-Council ) Certified Ethical hacker ( CEH – EC-Council ) 70-640 MS Active Directory 70-533 MS Azure Administration 70-534 MS Azure Architecture AWS certified solutions Architect – Associate AWS certified sysops administrator – Associate Google Cloud Platform-Cloud Architect (GCP) Certified Cloud Security Knowledge ( CCSK ) SC 900, SC 200 & SC -300Note: Anand also manages channel "The Cloud Mentor" in youtube. Feel free to subscribe to AWS and Azure. Share, Learn, Subscribe.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.