SC-200 Exam Prep: Microsoft Security Operations Analyst

Average duration: 12h


This Learning Path is designed to help you and your team prepare for the SC-200: Microsoft Security Operations Analyst exam. Even if you don't plan to take the exam, these courses will help familiarize you with the concepts you need to know to effectively mitigate threats, using Microsoft 365 Defender, Microsoft Defender for Cloud, and Microsoft Sentinel.

Candidates who pass this exam will earn the Microsoft Certified Security Operations Analyst Associate certification. 

The SC-200 exam tests your knowledge of three key subject areas, and that’s how we’ve structured this Learning Path.

We’ll cover the skills you need to mitigate threats with Microsoft 365 Defender, Microsoft Defender for Cloud, and Microsoft Sentinel.


Learning Objectives 

  • Mitigate threats using Microsoft 365 Defender
  • Mitigate threats using Microsoft Defender for Cloud
  • Mitigate threats using Microsoft Sentinel 


Intended Audience

  • IT professionals who want to become familiar with threat mitigation through the use of Microsoft 365 Defender, Microsoft Defender for Cloud, and Microsoft Sentinel.
  • IT professionals preparing for Microsoft’s SC-200 exam 




Training Content

Course - Intermediate - 43m
Configuring Microsoft Defender for Office 365
This course shows how to set up Microsoft Defender for Microsoft 365 through a series of practical demonstrations from the Microsoft 365 platform.
Course - Intermediate - 54m
Managing Data Loss Prevention in Microsoft 365
This course is designed to give you a solid understanding of data loss prevention (DLP) in Microsoft 365.
Course - Intermediate - 45m
Managing Microsoft 365 Security Reports and Alerts
This course will explore best practices and fundamentals using Microsoft 365’s Secure Score as a primary barometer to measure protection and readiness as well as timely and effective responses to threat incidents.
Course - Intermediate - 47m
Managing Device Compliance in Microsoft 365
This course explores the suite of tools available in Microsoft Endpoint Manager for establishing and maintaining security posture in an organization.
Course - Intermediate - 16m
Implementing Azure AD Identity Protection
This course will provide you with an understanding of what Azure Identity Protection is, what it does, and how to implement identity protection policies.
Course - Intermediate - 15m
Getting Started with Conditional Access Policies
In this course, you'll learn the fundamentals of conditional access policies and how to build them.
Course - Beginner - 11m
Deploying Microsoft Defender for Identity
This quick-hitting course is intended for those who want to learn how to deploy Defender for Identity.
Course - Beginner - 24m
Getting Started with Microsoft Defender for Cloud
This course helps you understand what Microsoft Defender for Cloud is, what it offers, and how it can be used to protect resources.
Course - Intermediate - 25m
Data Governance in Microsoft 365
In this course, we take a look at data governance in Microsoft 365 and what it's used for.
Course - Intermediate - 54m
Managing Regulatory Compliance in Microsoft 365
This course explores the compliance features available to a Microsoft 365 administrator as well as how to manage regulatory compliance in a Microsoft 365 environment.
Hands-on Lab - Beginner - 2h
Secure Your Cloud with Microsoft Defender for Cloud
Take advantage of automatic security audits and recommendations to secure your cloud with Microsoft Defender for Cloud (previously Azure Security Center) in this lab.
Course - Intermediate - 24m
Monitoring Microsoft 365 Security with Azure Sentinel
This course explores Azure Sentinel and how to use it to monitor Microsoft 365.
Hands-on Lab - Beginner - 1h
Introduction to Microsoft Sentinel
Learn how to use Microsoft Sentinel security tools to collect, investigate and hunt threats using this hands-on lab.
Hands-on Lab - Intermediate - 1h 30m
Investigating Security Events using Microsoft Sentinel
Learn how to investigate security attacks on a Windows virtual machine using Microsoft Sentinel Analytics Rule in this hands-on lab.
Hands-on Lab - Advanced - 1h 30m
Automating Threat Response using Sentinel Playbooks
Learn how to automate Threat Response based on Incident trigger using Sentinel Playbooks in this hands-on lab.
Hands-on Lab Challenge - Intermediate - 1h 30m
Azure Sentinel Incident Triage Challenge
Put your Azure Sentinel skills to the test as you triage incidents in this hands-on lab challenge.
Hands-on Lab - Intermediate - 1h
Advanced Threat Hunting in Microsoft Sentinel
Learn how to hunt for potential threats and generate incidents from bookmarks in your Azure Environments using Microsoft Sentinel in this hands-on lab.
Resource - Intermediate - 2h
Recommended Reading for SC-200 Exam Preparation
About the Author
Learning paths: 62

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long and interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.