8245 Reviews (rated 4.5 out of 5 stars)

Microsoft Cybersecurity Foundation and Operations

Course Code: SC-900-200-100-5001-5004
Duration: 5 days
Available Formats: Classroom

This Microsoft Cybersecurity course teaches learners how to protect systems and data using Microsoft security tools and technologies. Participants learn how to manage and investigate security incidents and implement endpoint protection solutions. By the end of this security training, learners confidently leverage Microsoft Defender, Microsoft Sentinel, and other key security solutions to safeguard sensitive information and defend against evolving cyber threats.

Note: This course is a combination of the following Microsoft courses:

  • SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals
  • SC-200T00: Microsoft Security Operations Analyst
  • SC-100T00: Microsoft Cybersecurity Architect
  • SC-5001: Configure SIEM security operations using Microsoft Sentinel
  • SC-5004: Defend Against Cyberthreats with Microsoft Defender XDR

Skills Gained

  • Learn core security and compliance concepts to establish a strong foundation in cybersecurity
  • Master incident management and investigation techniques using Microsoft 365 Defender
  • Implement and configure Microsoft Defender for Endpoint to secure endpoints effectively
  • Utilize Microsoft Sentinel for advanced security information and event management
  • Gain a comprehensive understanding of Microsoft's security ecosystem and its various components
  • Design and implement security strategies for diverse environments, including cloud and on-premises
  • Master Kusto Query Language (KQL) for effective data analysis and threat hunting in Microsoft Sentinel

Prerequisites

  • General understanding of Microsoft 365, Microsoft Sentinel, Kusto Query Language (KQL), Microsoft Windows, networking, and cloud computing concepts
  • Fundamental understanding of Microsoft security, compliance, and identity products
  • Familiarity with Azure services, specifically Azure SQL Database and Azure Storage, as well as Azure virtual machines and networking
  • Basic understanding of scripting concepts
  • It is highly recommended to have attended and passed one of the associate-level certifications in the security, compliance and identity portfolio (such as AZ-500 or SC-300)
  • Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications
  • Experience with hybrid and cloud implementations

Course Details

Microsoft Security, Compliance, and Identity Fundamentals

  • Security and Compliance Concepts
  • Identity Concepts
  • Services and Identity Types of Azure AD
  • Authentication Capabilities of Azure AD
  • Access Management Capabilities of Azure AD
  • The Identity Protection and Governance Capabilities of Azure AD
  • Basic Security Capabilities in Azure
  • The Security Management Capabilities of Azure
  • The Security Capabilities of Microsoft Sentinel
  • Threat protection with Microsoft 365 Defender
  • The Service Trust Portal and Privacy at Microsoft
  • The Compliance Management Capabilities in Microsoft Purview
  • Information Protection and Data Lifecycle Management in Microsoft Purview
  • Insider Risk Capabilities in Microsoft Purview
  • The eDiscovery and Audit Capabilities of Microsoft Purview
  • Describe Resource Governance Capabilities in Azure

Microsoft Security Operations Analyst

  • Introduction to Microsoft 365 threat protection
  • Mitigate incidents using Microsoft 365 Defender
  • Protect your identities with Azure AD Identity Protection
  • Remediate risks with Microsoft Defender for Office 365
  • Safeguard your environment with Microsoft Defender for Identity
  • Secure your cloud apps and services with Microsoft Defender for Cloud Apps
  • Respond to data loss prevention alerts using Microsoft 365
  • Manage insider risk in Microsoft Purview
  • Investigate threats by using audit features in Microsoft 365 Defender and Microsoft Purview Standard
  • Investigate threats using audit in Microsoft 365 Defender and Microsoft Purview (Premium)
  • Investigate threats with Content search in Microsoft Purview
  • Protect against threats with Microsoft Defender for Endpoint
  • Deploy the Microsoft Defender for Endpoint environment
  • Implement Windows security enhancements with Microsoft Defender for Endpoint
  • Perform device investigations in Microsoft Defender for Endpoint
  • Perform actions on a device using Microsoft Defender for Endpoint
  • Perform evidence and entities investigations using Microsoft Defender for Endpoint
  • Configure and manage automation using Microsoft Defender for Endpoint
  • Configure for alerts and detections in Microsoft Defender for Endpoint
  • Utilize Vulnerability Management in Microsoft Defender for Endpoint
  • Plan for cloud workload protections using Microsoft Defender for Cloud
  • Connect Azure assets to Microsoft Defender for Cloud
  • Connect non-Azure resources to Microsoft Defender for Cloud
  • Manage your cloud security posture management
  • Explain cloud workload protections in Microsoft Defender for Cloud
  • Remediate security alerts using Microsoft Defender for Cloud
  • Construct KQL statements for Microsoft Sentinel
  • Analyze query results using KQL
  • Build multi-table statements using KQL
  • Work with data in Microsoft Sentinel using Kusto Query Language
  • Security Operations Analyst
  • Microsoft Sentinel
  • Introduction to Microsoft Sentinel
  • Create and manage Microsoft Sentinel workspaces
  • Query logs in Microsoft Sentinel
  • Use watchlists in Microsoft Sentinel

Microsoft Cybersecurity Architect

  • Build an overall security strategy and architecture
  • Design a security operations strategy
  • Design an identity security strategy
  • Evaluate a regulatory compliance strategy
  • Evaluate security posture and recommend technical strategies to manage risk
  • Understand architecture best practices and how they are changing with the Cloud
  • Design a strategy for securing server and client endpoints
  • Design a strategy for securing PaaS, IaaS, and SaaS services
  • Specify security requirements for applications
  • Design a strategy for securing data
  • Recommend security best practices using Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft Cloud Security Benchmarks
  • Recommend a secure methodology using the Cloud Adoption Framework (CAF)
  • Recommend a ransomware strategy by using Microsoft Security Best Practices

Configure SIEM security operations using Microsoft Sentinel

  • Create and manage Microsoft Sentinel workspaces
  • Connect Microsoft services to Microsoft Sentinel
  • Connect Windows hosts to Microsoft Sentinel
  • Threat detection with Microsoft Sentinel analytics
  • Automation in Microsoft Sentinel
  • Configure SIEM security operations using Microsoft Sentinel

Defend Against Cyberthreats with Microsoft Defender XDR

  • Mitigate incidents using Microsoft Defender
  • Deploy the Microsoft Defender for Endpoint environment
  • Configure for alerts and detections in Microsoft Defender for Endpoint
  • Configure and manage automation using Microsoft Defender for Endpoint
  • Perform device investigations in Microsoft Defender for Endpoint
  • Defend against Cyberthreats with Microsoft Defender XDR lab exercises

Conclusion