2Month/20 Hours Price:~~90,000~~

80,000

Microsoft Certified: Security Operations Analyst Associate

he Microsoft security operations analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.

Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Since the security operations analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.

Skills measured

Mitigate threats using Microsoft 365 Defender
Mitigate threats using Microsoft Defender for Cloud
Mitigate threats using Microsoft Sentinel

Course OutlineDetect, investigate, respond, and remediate endpoint threats by using Microsoft Defender for Endpoint

manage data retention, alert notification, and advanced features
configure device attack surface reduction rules
configure and manage custom detections and alerts
respond to incidents and alerts
manage automated investigations and remediations
assess and recommend endpoint configurations to reduce and remediate vulnerabilities by using the Microsoft’s threat and vulnerability management solution.
manage Microsoft Defender for Endpoint threat indicators
analyze Microsoft Defender for Endpoint threat analytics

Detect, investigate, respond, and remediate application threats

identify, investigate, and remediate security risks by using Microsoft Cloud Application Security (MCAS)
configure MCAS to generate alerts and reports to detect threats

Design and configure a Microsoft Defender for Cloud implementation

plan and configure Microsoft Defender for Cloud settings, including selecting target subscriptions and workspace
configure Microsoft Defender for Cloud roles
configure data retention policies
assess and recommend cloud workload protection

Manage Microsoft Defender for Cloud alert rules

validate alert configuration
setup email notifications
create and manage alert suppression rules

Design and configure a Microsoft Sentinel workspace

plan a Microsoft Sentinel workspace
configure Microsoft Sentinel roles
design Microsoft Sentinel data storage
configure security settings and access for Microsoft Sentinel

Manage Microsoft Sentinel analytics rules

design and configure analytics rules
create custom analytics rules to detect threats
activate Microsoft security analytics rules
configure connector provided scheduled queries
configure custom scheduled queries
define incident creation logic

Manage Microsoft Sentinel Incidents

investigate incidents in Microsoft Sentinel
triage incidents in Microsoft Sentinel
respond to incidents in Microsoft Sentinel
investigate multi-workspace incidents
identify advanced threats with User and Entity Behavior Analytics (UEBA)

Hunt for threats using Microsoft Sentinel

create custom hunting queries
run hunting queries manually
monitor hunting queries by using Livestream
perform advanced hunting with notebooks
track query results with bookmarks
use hunting bookmarks for data investigations
convert a hunting query to an analytical

About The Exam

This exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender; mitigate threats using Microsoft Defender for Cloud; and mitigate threats using Microsoft Sentinel

International student Fee 750$

Microsoft Certification (Free Practice Exam Dumps)