SC-200 Microsoft Security Operations Analyst

Overview

This course features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. Become proficient in using Microsoft security tools to detect, investigate, and respond to cyber threats. You will gain hands-on experience with Microsoft Defender, Sentinel, and Microsoft 365 Defender to secure endpoints, identities, and cloud environments. Learn to configure security baselines, manage alerts, and automate threat response using these powerful security products. The course begins with an introduction to Microsoft 365 Defender, followed by comprehensive coverage of Defender for Office 365, Defender for Cloud Apps, Defender for Endpoint, and Defender for Identity. You will explore methods for threat hunting and analyze security data using advanced tools like Extended Detection and Response (XDR) and Microsoft Secure Score. The course progresses into Microsoft Defender for Cloud, helping you secure cloud infrastructure and multi-cloud environments. Next, you'll dive into Microsoft Sentinel, where you'll learn to configure resources, manage data connectors, and automate workflows for efficient incident response. The hands-on nature of the course ensures you gain practical skills in mitigating threats. This course is ideal for security professionals looking to gain in-depth knowledge of Microsoft security products. It is designed for those who have a foundational understanding of IT and cybersecurity concepts and are eager to advance their skills in threat detection and response.

Syllabus

Use Microsoft 365 Defender to Mitigate Threats

In this module, we will explore how Microsoft 365 Defender and its related tools form a comprehensive defense strategy against modern cyber threats. You’ll get hands-on insights into Defender for Office 365, Cloud Apps, Endpoints, and Identity, as well as advanced features like Secure Score and Extended Detection and Response. By the end of this section, you'll be able to apply Microsoft’s integrated security tools to monitor, prevent, and respond to complex security incidents effectively.

Use Microsoft Defender for Cloud to Mitigate Threats

In this module, we will dive into the functionalities of Microsoft Defender for Cloud and how it helps protect hybrid and multi-cloud environments. You’ll learn to configure roles, policies, and automation, assess workload protections, and connect external resources for seamless security integration. By the end, you’ll be equipped to optimize your cloud security operations with effective data insights, automated onboarding, and responsive threat management.

Use Microsoft Sentinel to Mitigate Threats

In this module, we will explore the full lifecycle of deploying and operating Microsoft Sentinel, Microsoft’s cloud-native SIEM and SOAR solution. You'll learn to configure core components, automate responses, and implement advanced analytics and threat detection strategies. By the end of this section, you'll be equipped to build a highly effective security operations workflow using Sentinel’s powerful capabilities in investigation, visualization, and proactive hunting.