The SC-200 exam is for the Microsoft Security Operations Analyst and contains questions and content about Azure Defender and Azure Sentinel. Its not a tough exam, by any means – particularly if you have worked with Defender and Sentinel for any length of time.
Here’s the skills that are measured with their approximate percentages of coverage:
- Mitigate threats using Microsoft 365 Defender (25-30%)
- Mitigate threats using Azure Defender (25-30%)
- Mitigate threats using Azure Sentinel (40-45%)
I took it myself during the beta phase and those percentages are much different than what I experienced – so your results may vary. And, at the time of this blog post am still waiting for my results – which is now 8 weeks and counting. <ugghh>.
Taking this single exam give you a brand new certification of Microsoft Certified: Security Operations Analyst Associate.
A LEARN PATH
For those that interested in digging into learning for this exam, there’s already a Learning Path available. You can find that at the bottom of the exam information page: Exam SC-200: Microsoft Security Operations Analyst
I will tell you, though – based on my experience you need actual hands-on with each product. The Learning Path is not enough to pass the exam. If you’ve worked with each product extensively, you should have no problem passing it.
A SKILLS OUTLINE
I’d also recommend downloading the Skills Outline. The Skills Outline gives you a great reference to help potentially identify some of your weak points to enable you to prioritize your study focus.
However, if you want to wait a little bit, a couple colleagues of mine, Yuri Diogenes (ASC/Defender) and Sarah Young (Sentinel), are finishing up an exam reference book that should be released by September 2021. You can pre-order or be notified when its available: Exam Ref Sc-200 Microsoft Security Operations Analyst
UPDATE: Just a couple hours after posting this, my SC-200 results came through. I passed! Incidentally, this is one of those “do as I say, not as I do” scenarios. I took the exam cold. No studying. BUT, I work with these products every single day.
[Subscribe to the RSS feed for this blog]
[Subscribe to the Weekly Azure Sentinel Newsletter]