SC200: Microsoft Security Operations Analysis

Description of the training

This training will teach you how to configure and manage security solutions with Microsoft Sentinel and Microsoft Defender, in order to detect, analyze and respond to security threats while ensuring data and infrastructure protection on Microsoft Azure.

Objectives of training

At the end of this training, participants will be able to:

• Manage information and incident security in a Microsoft environment.
• Monitor infrastructure with Microsoft Sentinel and Defender to manage security alerts and incidents.
• Analyze threats and vulnerabilities in a cloud and hybrid environment.
• Implement network and application security in Azure.
• Responding to security incidents: developing response strategies based on alerts and threats detected.

Who is this training for?

The training is aimed at a wide audience, including:

• IT Security Professionals: Those who manage the security of information, applications and infrastructure in the company.
• Azure Administrators: Cloud system administrators who want to strengthen their security skills on Azure.
• Computer Security Analysts: Cyber security and incident management experts who want to specialize in Microsoft Azure's threat detection tools.
• Cyber Security Consultants: Those who support companies in the implementation of Azure security solutions.
• Responsible for Risk Management and Compliance: Those who want to learn how to secure cloud environments to meet compliance and data security requirements.

Prerequisites

No specific prerequisites are required. This training is available to anyone wishing to discover safety on Azure, but a basic knowledge of computer science or information systems can be an asset.

Training programme

Introduction to Security and Microsoft Sentinel

• Introduction to security in Microsoft Azure.
• Presentation of Microsoft Sentinel and its threat management capabilities.
• Microsoft Sentinel configuration for log aggregation and analysis.
• Analysis of alerts and incidents in Sentinel.

Protection of infrastructure and applications

• Network security in Azure (NSG, Firewall, Azure Firewall).
• Implementation of Microsoft Defender for servers and databases.
• Application monitoring with Azure Security Center.
• Detection of threats and attacks in hybrid environments.

Incident Response and Risk Management

• Set up alerts and automatic actions in Microsoft Sentinel.
• Implementation of security incident management strategies.
• Configuration of security policies and controls in Azure.
• Threat response: identification, investigation and remediation.
• Review of best practices for security management.

Training assets

• Pedagogical approach: An alternative between theory and practice for better assimilation of concepts.
• Qualified trainers: Specialists with practical experience in the field of security operations analysis.
• Educational tools and materials: Access to online resources, live demonstrations and real-life case studies.
• Accessibility: Training is open to all, without advanced technical prerequisites.

Pedagogical methods and tools used

• Live demonstrations with security services from the Azure Cloud.
• Practical workshops and real case studies in various sectors (industry, trade, health).
• Feedback: Sharing best practices and common mistakes in business.
• Simulations and tools: Using simulators and cloud platforms for interactive workshops.

Evaluation

• MCQ at the end of training.
• Practical case studies.
• Continuous evaluation with personalized feedback.

Normative References

• Azure Well-Architected Framework
• ISO/IEC 19086
• GDPR (General Data Protection Regulation)
• NIST Cloud Computing Standards (SP 500-292)
• ISO 27001 Information security