Rana Usman Ahmad
Prepares you for SC-200

Security Operations Analyst

Detect, investigate, and respond with Defender XDR and Microsoft Sentinel.

Duration: 24 hours
Labs: 14
Split: 65% hands-on / 35% theory
Delivery: Live on Teams
01

What is covered

  • Mitigate threats with Microsoft Defender XDR
  • Threat management with Microsoft Sentinel
  • KQL for detection and hunting
  • Automation with playbooks
02

What you leave with

  • Run investigations across the Defender suite
  • Write effective KQL detections
  • Be ready to sit SC-200
03

Reference architecture

We work through the reference architecture for this stack during the training.

Alerts: Endpoint, identity, email
Incident: Correlated by Defender XDR
Investigate: Hunt, KQL, timeline
Respond: Isolate, remediate, automate
Conceptual architecture for this training using the Microsoft stack. Original diagram; product names are trademarks of Microsoft Corporation.
03

Book this training

Booking starts a conversation. Send your details and preferred dates and I will reply with availability. Fees are handled by email reply.

Your request reaches me directly, and I reply personally to arrange dates and fees.