If your passion lies in the sphere of securing information technology systems for various organizations and you have skills to collaborate with organizational stakeholders to meet the requirements and achieve the goals set, then, the Microsoft Certified: Security Operations Analyst Associate certification is for you. The certified professionals are knowledgeable of which practices to apply to improve threat protection and are able to report violations of institutional policy to the relevant stakeholders. Such qualified individuals are competent in threat management, monitoring, and responding to them by utilizing Azure Defender, Microsoft 365 Defender, Microsoft Azure Sentinel, and other tools used for security protection. To become a certified professional, you need to pass one exam – SC-200.
The Microsoft exam SC-200 is also known as the Microsoft Security Operations Analyst evaluation. It will cost you $165 and can be scheduled through the vendor’s website. You should be properly prepared to solve 40-60 questions of various types within 2 hours. Achieving at least 700 points marks your success in the exam.
The exam consists of three parts each of which covers a specific topic and skills. The first part is designed to check your skills in mitigating threats with the help of Microsoft 365 Defender. You should demonstrate your skills to secure the productivity environment from threats by detecting them, responding, and emending them. You also should be equipped with skills to implement Microsoft SharePoint, OneDrive, Microsoft Teams, as well as Defender for Office 365. In addition, you should be able to evaluate sensitivity labels and deal with insider risk policies. Besides, your proficiency in utilizing Microsoft Defender for Endpoint, Microsoft Cloud App Security, and Microsoft 365 Defender products will be checked.
The second topic is centered on reducing threats by utilizing Azure Defender. In this section, you should perform your skills to implement Azure Defender settings, configure its roles, and evaluate the protection of cloud workloads. Then, you need to be able to apply the data connections and define which data sources are to be ingested for Azure Defender. Your skills to connect AWS and GCP cloud resources as well as on-premises computers will also be checked. Next, you will need how proficient you are in operating Azure Defender alert rules, implementing automation and remediation using Azure Security Center and Azure Recource Manager template. Moreover, your skills in working with Azure Defender alerts and incidents will also be tested.
The third topic refers to mitigating threats utilizing Azure Sentinel. In this part, your competency in planning the workspace of Azure Sentinel, designing its data storage, and configuring its service security will be checked. In addition, your skills to utilize Data Connectors, implement analytics rules for Azure Sentinel, create and utilize Azure Sentinel playbooks, as well as analyze the received data afterwards will be measured. Moreover, in this part, you are expected to show your ability to operate Azure Sentinel Incidents and detect threats utilizing the Azure Sentinel portal.
So, having the Microsoft Certified: Security Operations Analyst Associate accreditation, you can apply for such job roles as a security operations analyst or a security engineer. As for the salary, you can earn about $89,151 per year.