Security Operations Analyst

Start Your Career with Microsoft Security Operations Analyst Training and Certification

Virtual Session

30 Weeks

Live Demonstrations

Hands-On Projects

MD-102: Microsoft 365 Endpoint Administrator

This comprehensive training outline prepares candidates for the MD-102 exam, covering core endpoint management concepts with a focus on hands-on labs and practical experience. 

Module 1

Introduction to Modern Endpoint Management

1 week

Learning Objectives:  

  • Define modern endpoint management and its key principles. 
  • Explain the benefits of cloud-based endpoint management solutions. 
  • Introduce the Microsoft 365 Endpoint Manager ecosystem (Intune, Configuration Manager, Autopilot). 
  • Discuss the evolution of endpoint management and its impact on the modern workplace. 
  • Explore the concept of co-management and its advantages.
  • Create a free Azure account (if not already done). 
  • Explore the Microsoft 365 admin center and familiarize yourself with the interface. 
  • Access the Intune console and explore its basic features. 
  • Create a basic device configuration policy (e.g., disable USB storage). 
  • (Optional) Explore basic Configuration Manager features (if available in your environment). 

Module 2

Setting Up a Hands-On Lab

1 Week

Learning Objectives:  

  • Design and implement your own hands-on lab for real-world cybersecurity experience.
  • Downloading Windows Server 2022 ISO 
  • Getting Hyper-V Installed on Windows 
  • Creating a Virtual Switch in Hyper-V 
  • Installing a Windows Server 2022 Virtual Machine 
  • Downloading the Windows 11 ISO 
  • Installing a Windows 11 virtual machine 
  • Deploy and manage domain controllers on-premises 
  • Joining Windows 11 to a domain 
  • Creating a trial Microsoft 365/Azure Account 
  • Adding a subscription to your Azure account 
  • Connect your on-premises AD DS domain to Azure AD using Azure AD Connect

Module 3

Device Enrollment and Management

2 Weeks

Learning Objectives:  

  • Explain different device enrollment methods (Azure AD Join, Hybrid Join, etc.). 
  • Configure device enrollment settings in Intune. 
  • Create and manage device compliance policies. 
  • Implement and manage MDM policies (e.g., Wi-Fi settings, VPN profiles). 
  • Troubleshoot common device enrollment issues. 
  • Enroll a personal device (Android/iOS) into Intune. 
  • Enroll a corporate-owned Windows 10 device into Intune. 
  • Create a device compliance policy that requires a device to be encrypted and have a passcode. 
  • Create a Wi-Fi profile and deploy it to enrolled devices. 
  • Troubleshoot device enrollment issues and resolve common errors. 

Module 4

Application Management

1 Week

Learning Objectives:  

  • Deploy and manage line-of-business (LOB) applications (Win32, iOS, Android). 
  • Deploy browser-based applications. 
  • Manage application protection policies (app wrapping). 
  • Configure application deployment rings and pilot programs. 
  • Troubleshoot application deployment and management issues. 
  • Deploy a line-of-business application (e.g., a .msi installer) to a group of devices. 
  • Deploy a browser-based application (e.g., a web app bookmark) to users. 
  • Create an application protection policy for a specific application. 
  • Troubleshoot application deployment failures and resolve common issues. 

Module 5

Endpoint Security

2 Weeks

Learning Objectives:  

  • Implement and manage endpoint security policies (antivirus, antimalware, firewall). 
  • Configure and manage Microsoft Defender for Endpoint. 
  • Respond to security alerts and investigate security incidents. 
  • Implement and manage data loss prevention (DLP) policies. 
  • Understand and implement security best practices for endpoints. 
  • Configure Microsoft Defender for Endpoint settings. 
  • Simulate a malware attack and analyze the security alerts. 
  • Investigate suspicious user activity in Microsoft Defender for Endpoint.
  • Create a DLP policy to prevent sensitive data from leaving the organization. 

Module 6

Identity and Access Management

1 Week

Learning Objectives:  

  • Understand the integration of Azure Active Directory (Azure AD) with Intune. 
  • Implement and manage conditional access policies. 
  • Manage user identities and access rights. 
  • Explore Azure AD Join, Hybrid Join, and their implications for endpoint management. 
  • Create a conditional access policy that requires MFA for access from specific devices. 
  • Configure Azure AD Join for a group of devices. 
  • Troubleshoot identity and access-related issues. 

Module 7

Co-management with Configuration Manager

3 Weeks

Learning Objectives:  

  • Understand the benefits and prerequisites of co-management. 
  • Configure and manage co-management with Configuration Manager. 
  • Leverage the strengths of both Intune and Configuration Manager. 
  • Troubleshoot co-management issues. 
  • Configure co-management with Configuration Manager. 
  • Deploy a software update using co-management. 
  • Troubleshoot co-management issues and resolve conflicts. 

Module 8

Lab Exercises (Advanced)

1 Week

Learning Objectives:  

  • Implement and troubleshoot advanced endpoint management scenarios. 
  • Explore advanced features of Intune and Configuration Manager. 
  • Conduct performance tuning and optimization exercises. 
  • Simulate real-world challenges and develop solutions. 

SC-200: Security Operations Analyst Associate

This training outline is designed to prepare candidates for the SC-200 exam, covering the core knowledge areas required for performing threat hunting, incident response, and security monitoring and automation. 

Module 1

Introduction to Microsoft 365 Defender

1 Week

Learning Objectives: 

  • Understand the Microsoft 365 Defender ecosystem and its components. 
  • Explore the Microsoft 365 Defender portal and its key features. 
  • Learn about threat intelligence and threat hunting concepts. 
  • Understand the importance of security information and event management (SIEM). 

Module 2

Using Defender for Endpoint

2 Weeks

Learning Objectives: 

  • Define the capabilities of Microsoft Defender for Endpoint. 
  • Understand how to hunt threats within your network. 
  • Explain how Microsoft Defender for Endpoint can remediate risks in your environment. 
  • Create a Microsoft Defender for Endpoint environment. 
  • Onboard devices to be monitored by Microsoft Defender for Endpoint. 
  • Configure Microsoft Defender for Endpoint environment settings. 
  • Investigate incidents in Microsoft Defender for Endpoint. 
  • Investigate alerts in Microsoft Defender for Endpoint. 
  • Perform advanced hunting in Microsoft Defender for Endpoint. 
  • Configure alert settings in Microsoft Defender for Endpoint. 
  • Manage indicators in Microsoft Defender for Endpoint. 
  • Describe Threat and Vulnerability Management in Microsoft Defender for Endpoint. 
  • Identify vulnerabilities on your devices with Microsoft Defender for Endpoint. 
  • Track emerging threats in Microsoft Defender for Endpoint. 

Module 3

Mitigate Threats with Microsoft 365 Defender

2 Weeks

Learning Objectives: 

  • Introduce a step-by-step walkthrough for advanced hunting. 
  • Investigate and respond to security alerts in Microsoft 365 Defender. 
  • Utilize advanced hunting techniques to identify and investigate threats. 
  • Implement and manage security policies and configurations. 
  • Understand and respond to phishing attacks and other social engineering threats. 
  • Learn about threat intelligence feeds and how to leverage them. 
  • Conduct advanced hunting in Microsoft 365 Defender. 
  • Investigate phishing attacks. 
  • Set up threat intelligence feeds in Microsoft 365 Defender. 

Module 4

Secure Your Cloud Apps and Services with Microsoft Cloud App Security

1 Week

Learning Objectives: 

  • Understand cloud application security risks. 
  • Discover and classify cloud applications. 
  • Monitor and control cloud application usage. 
  • Protect sensitive data in cloud applications. 
  • Highlight integration with other Microsoft security products. 
  • Discover and classify cloud applications using Microsoft Cloud App Security. 
  • Monitor cloud application usage and configure policies. 

Module 5

Threat Detection with Azure Sentinel

2 Weeks

Learning Objectives: 

  • Understand the architecture and components of Azure Sentinel. 
  • Connect data sources to Azure Sentinel. 
  • Create and manage workbooks and dashboards. 
  • Use analytics rules to detect threats. 
  • Investigate security incidents in Azure Sentinel. 
  • Provide step-by-step instructions for building dashboards tailored to specific organizational needs. 
  • Set up an Azure Sentinel workspace.
  • Create and manage workbooks and dashboards in Azure Sentinel. 
  • Use analytics rules to detect and investigate security threats in Azure Sentinel. 
  • Create custom dashboards tailored to organizational needs. 

Module 6

Threat Response with Azure Sentinel

2 Weeks

Learning Objectives: 

  • Respond to security incidents using playbooks and automation. 
  • Conduct threat hunting in Azure Sentinel. 
  • Use entity behavior analytics in Azure Sentinel. 
  • Integrate Azure Sentinel with other security solutions. 
  • Create and configure playbooks in Azure Sentinel for automated responses. 
  • Use entity behavior analytics to detect and mitigate threats. 
  • Integrate Azure Sentinel with other Microsoft security tools. 

Module 7

Lab Exercises

2 Weeks

Learning Objectives: 

  • Gain hands-on experience with Microsoft 365 Defender and Azure Sentinel. 
  • Simulate real-world security scenarios and respond to incidents. 
  • Conduct threat hunting exercises. 
  • Troubleshoot common security issues. 
  • Simulate real-world security incidents and respond to them. 
  • Conduct hands-on threat hunting exercises. 
  • Troubleshoot common security issues in Microsoft 365 Defender and Azure Sentinel. 

Certified Security Operations Analyst - Mastering Cybersecurity Defense

Learn how to manage security incidents, detect threats, and use Microsoft security tools to protect your organization. Gain skills in investigating and responding to cyber threats.

Join Our Program Today!