Categories: Exam SC-200: Microsoft Security Operations Analyst

Microsoft 365 Defender

Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, emails, and applications to provide integrated protection against sophisticated attacks.

Microsoft Defender for Cloud – CSPM & CWP

Microsoft Defender for Cloud is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for all of your Azure, on-premises, and multicloud (Amazon AWS and Google GCP) resources. Defender for Cloud fills three vital needs as you manage the security of your resources and workloads in the cloud and on-premises.

Microsoft Sentinel – SIEM & SOAR

Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response.

Microsoft Sentinel using Kusto Query Language (KQL)

A Kusto Query Language query is a read-only request to process data and return results – it doesn’t write any data. Queries operate on data that’s organized into a hierarchy of databases, tables, and columns, similar to SQL.

Detections and Investigations using Microsoft Sentinel

Microsoft Sentinel gives you a complete, full-featured case management platform for investigating security incidents. The incidents are your case files that contain an aggregation of all the relevant evidence for specific investigations. Each incident is created (or added to) based on pieces of evidence (alerts) that were either generated by analytics rules or imported from third-party security products that produce their own alerts. Incidents inherit the entities contained in the alerts, as well as the alerts’ properties, such as severity, status, and MITRE ATT&CK tactics and techniques.