SC-200 is designed for Security Operations Analysts responsible for monitoring, investigating, and responding to threats.
The SC-200 course is intended for professionals working in security operations roles.This includes analysts responsible for threat monitoring, investigation, and response across cloud, endpoint, and identity platforms.The course supports preparation for the Security Operations Analyst Associate certification.
The course fits analysts who actively work with security alerts and incidents.
“The course was designed for people who work in a Security Operations job role.”
AZ-500 is a four-day course for IT security professionals who secure Microsoft Azure environments. It focuses on implementing security controls, maintaining security posture, and identifying and remediating vulnerabilities.
View courseFour-day course on implementing and managing identity and access solutions using Microsoft Azure AD. Covers identity configuration, conditional access, application access management, and identity governance. Aligned with Microsoft Identity and Access Administrator Associate certification.
View courseSC-400 is a two-day course focused on information protection and governance in Microsoft 365 environments. It covers implementing data loss prevention, sensitive information types, sensitivity labels, retention policies, and message encryption.
View courseSC-200 covers proactive threat hunting using Microsoft Sentinel queries, bookmarks, livestream, and notebooks.
SC-200 focuses on investigating, responding to, and hunting cyber threats using Microsoft Sentinel and Microsoft Defender technologies.
SC-200 uses Microsoft Sentinel as the central SIEM and SOAR platform for detection, investigation, and response.
SC-200 uses KQL to query logs, analyze threats, build detections, and perform threat hunting.
Browse all FAQs →
Full knowledge base
Necessary cookies are always active. You can accept, reject non-essential cookies, or customize your preferences.