Freeintermediate3 modules · 18 lessons · ~7h

SC-200 Exam Prep

Free exam prep for the Microsoft Security Operations Analyst Associate certification. 18 focused lessons across all three exam domains covering Microsoft Defender XDR, Microsoft Sentinel, and Defender for Cloud.

Start course

Want to go deeper? Continue on Pluralsight

Level up your security skills with expert-led courses. Free 10-day trial, then access thousands of courses across cloud security, networking, and certifications.

Start free trial

Course curriculum

Microsoft Defender XDR25-30% of exam

L1. Defender XDR: Architecture and the Unified Portal
L2. Defender for Endpoint: Onboarding and Alert Triage
L3. Defender for Office 365: Email Threat Protection
L4. Defender for Identity: Lateral Movement Detection
L5. Defender for Cloud Apps: Shadow IT and App Governance
L6. Incident Management: Correlation, Triage and Response

Microsoft Sentinel50-55% of exam

L7. Sentinel Architecture: Workspaces, Connectors and Costs
L8. Data Connectors: Ingesting Logs at Scale
L9. KQL Fundamentals: Querying Security Data
L10. Analytics Rules: Scheduled, NRT and Fusion
L11. Sentinel Incidents: Investigation and Evidence
L12. Automation and SOAR: Playbooks with Logic Apps
L13. Workbooks and Threat Hunting
L14. Watchlists, Threat Intelligence and UEBA

Microsoft Defender for Cloud15-20% of exam

L15. Defender for Cloud: CSPM and CWP Fundamentals
L16. Security Recommendations and Secure Score
L17. Workload Protections: Servers, Containers and Databases
L18. Regulatory Compliance and Governance

🎯

Practice Exam: Arcade Mode

50 questions, 45 minutes, instant feedback, XP streaks, and domain breakdown.

Start Exam