Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide: Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems
Author: Trevor Stuart and Joe Anich
Publisher finelybook 出版社: Packt Publishing (March 16, 2022)
Language 语言: English
Print Length 页数: 288 pages
ISBN-10: 1803231890
ISBN-13: 9781803231891
Book Description
By finelybook
Remediate active attacks to reduce risk to the organization Author: investigating, hunting, and responding to threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender
Key Features
Detect, protect, investigate, and remediate threats using Microsoft Defender for endpoint
Explore multiple tools using the M365 Defender Security Center
Get ready to overcome real-world challenges as you prepare to take the SC-200 exam
Security in information technology has always been a topic of discussion, one that comes with various backgrounds, tools, responsibilities, education, and change! The SC-200 exam comprises a wide range of topics that introduce Microsoft technologies and general operations for security analysts in enterprises. This book is a comprehensive guide that covers the usefulness and applicability of Microsoft Security Stack in the daily activities of an enterprise security operations analyst.
Starting with a quick overview of what it takes to prepare for the exam, you’ll understand how to implement the learning in real-world scenarios. You’ll learn to use Microsoft’s security stack, including Microsoft 365 Defender, and Microsoft Sentinel, to detect, protect, and respond to adversary threats in your enterprise. This book will take you from legacy on-premises SOC and DFIR tools to leveraging all aspects of the M365 Defender suite as a modern replacement in a more effective and efficient way.
Author: the end of this book, you’ll have learned how to plan, deploy, and operationalize Microsoft’s security stack in your enterprise and gained the confidence to pass the SC-200 exam.
What you will learn
Discover how to secure information technology systems for your organization
Manage cross-domain investigations in the Microsoft 365 Defender portal
Plan and implement the use of data connectors in Microsoft Defender for Cloud
Get to grips with designing and configuring a Microsoft Sentinel workspace
Configure SOAR (security orchestration, automation, and response) in Microsoft Sentinel
Find out how to use Microsoft Sentinel workbooks to analyze and interpret data
Solve mock tests at the end of the book to test your knowledge