SC-200 Training


1. Exam Structure

1.1. Objectives

1.1.1. Mitigate Threats ([Official Documentation](https://learn.microsoft.com/pt-br/certifications/exams/sc-200/))

1.1.2. Monitor the Environment ([Microsoft Sentinel](https://learn.microsoft.com/azure/sentinel/overview))

1.1.3. Investigate Incidents ([Microsoft Defender for Endpoint](https://learn.microsoft.com/defender-endpoint/))

1.1.4. Respond to Incidents ([Playbooks in Sentinel](https://learn.microsoft.com/azure/sentinel/tutorial-respond-threats-playbook))

1.2. Topic Weights

1.2.1. 25-30%: Threat Mitigation ([Security Policies in Azure](https://learn.microsoft.com/azure/security-center/security-policy))

1.2.2. 25-30%: Threat Detection ([KQL Queries](https://learn.microsoft.com/azure/data-explorer/kql-quick-reference))

1.2.3. 20-25%: Incident Investigation ([Forensic Analysis](https://learn.microsoft.com/defender-endpoint/investigate-incidents))

1.2.4. 15-20%: Incident Response ([Response Automation](https://learn.microsoft.com/azure/sentinel/tutorial-respond-threats-playbook))

1.3. Format

1.3.1. Multiple Choice ([Sample Questions](https://www.examtopics.com/exams/microsoft/sc-200/))

1.3.2. Practical Scenarios ([MeasureUp Practice Tests](https://www.measureup.com/microsoft-sc-200-practice-test.html))

1.3.3. Duration: ~120 Minutes ([Exam Details](https://learn.microsoft.com/pt-br/certifications/exams/sc-200/))

2. Study Resources

2.1. Microsoft Learn

2.1.1. SC-200 Learning Path ([SC-200 Path](https://learn.microsoft.com/pt-br/certifications/exams/sc-200/))

2.1.2. Free Labs ([Microsoft Learn Sandbox](https://learn.microsoft.com/pt-br/training/modules/))

2.1.3. Official Documentation ([Microsoft Docs](https://learn.microsoft.com/pt-br/))

2.2. Paid Courses

2.2.1. Udemy ([SC-200 Courses](https://www.udemy.com/topic/sc-200/))

2.2.2. Coursera ([Microsoft Security Courses](https://www.coursera.org/courses?query=microsoft%20security))

2.2.3. Pluralsight ([Pluralsight SC-200](https://www.pluralsight.com/paths/microsoft-security-operations-analyst-sc-200))

2.3. Books

2.3.1. Exam Ref SC-200 (Microsoft Press) ([Official Book](https://learn.microsoft.com/pt-br/certifications/exams/sc-200/#resources))

2.4. Online Communities

2.4.1. LinkedIn ([SC-200 Group](https://www.linkedin.com/groups/?keywords=sc-200))

2.4.2. Reddit ([r/AzureSecurity](https://www.reddit.com/r/AzureSecurity/))

2.4.3. TechNet ([TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?category=azuresecurity))

3. Tools and Labs

3.1. Microsoft Sentinel

3.1.1. Configure Workspaces ([Configure Workspace](https://learn.microsoft.com/azure/sentinel/quickstart-onboard))

3.1.2. KQL Queries

3.1.3. Automated Playbooks ([Create Playbooks](https://learn.microsoft.com/azure/sentinel/tutorial-respond-threats-playbook))

3.2. Microsoft Defender for Endpoint

3.2.1. Simulate Attacks ([Atomic Red Team](https://github.com/redcanaryco/atomic-red-team))

3.2.2. Investigate Alerts ([Investigate Alerts](https://learn.microsoft.com/defender-endpoint/investigate-alerts))

3.2.3. Configure Policies ([Protection Policies](https://learn.microsoft.com/defender-endpoint/configuration-policies))

3.3. Azure Monitor

3.3.1. Configure Alerts ([Alerts in Azure Monitor](https://learn.microsoft.com/azure/azure-monitor/alerts/alerts-overview))

3.3.2. Monitoring Dashboards ([Create Dashboards](https://learn.microsoft.com/azure/azure-monitor/visualizations))

3.4. Free Labs

3.4.1. Microsoft Learn Sandbox ([Sandbox](https://learn.microsoft.com/pt-br/training/modules/))

3.4.2. Azure Free Account ([Free Account](https://azure.microsoft.com/free/))

4. Study Strategies

4.1. Planning

4.1.1. Weekly Routine ([Planning Tips](https://meuplannerdeestudos.com.br/?utm_source=chatgpt.com/))

4.1.2. Time for Theory and Practice ([Balancing Study](https://www.examtopics.com/discussions/microsoft/view/104896-how-to-balance-theory-and-practice-for-sc-200/))

4.2. Methodology

4.2.1. Theory: Documentation and Videos ([Documentation](https://learn.microsoft.com/pt-br/))

4.2.2. Practice: Labs and Simulations ([Labs](https://learn.microsoft.com/pt-br/training/modules/))

4.2.3. Review: Flashcards and Summaries ([Flashcards](https://www.brainscape.com/subjects/microsoft-certification))

4.3. Focus on the Topics

4.3.1. Threat Mitigation ([Mitigation](https://learn.microsoft.com/azure/security-center/security-policy))

4.3.2. Threat Detection ([Detection](https://learn.microsoft.com/azure/sentinel/detect-threats-built-in))

4.3.3. Incident Investigation ([Investigation](https://learn.microsoft.com/defender-endpoint/investigate-incidents))

4.4. Practice Tests

4.4.1. MeasureUp ([MeasureUp](https://www.measureup.com/microsoft-sc-200-practice-test.html))

4.4.2. Whizlabs ([Whizlabs](https://www.whizlabs.com/microsoft-certification/sc-200-exam/))

5. Main Topics

5.1. Threat Mitigation

5.1.1. Configure Security Policies ([Policies](https://learn.microsoft.com/azure/security-center/security-policy))

5.1.2. Protect Workloads ([Protection](https://learn.microsoft.com/azure/security-center/secure-score-security-controls))

5.1.3. Reduce Attack Surfaces ([Reduction](https://learn.microsoft.com/azure/security-center/reduce-your-attack-surface))

5.2. Threat Detection

5.2.1. Collect and Analyze ([Logs](https://learn.microsoft.com/azure/sentinel/connect-data-sources))

5.2.2. Queries ([KQL](https://learn.microsoft.com/azure/data-explorer/kql-quick-reference))

5.2.3. Configure Detection Rules ([Rules](https://learn.microsoft.com/azure/sentinel/detect-threats-custom))

5.3. Incident Investigation

5.3.1. ([Forensic](https://learn.microsoft.com/defender-endpoint/investigate-incidents)) Analysis

5.3.2. Identify ([Scope](https://learn.microsoft.com/defender-endpoint/investigate-incidents)) and Impact

5.3.3. Investigation ([Tools](https://learn.microsoft.com/defender-endpoint/investigation-tools))

5.4. Incident Response

5.4.1. Automate with ([Playbooks](https://learn.microsoft.com/azure/sentinel/tutorial-respond-threats-playbook))

5.4.2. ([Isolate](https://learn.microsoft.com/defender-endpoint/isolate-machines)) Compromised Devices

5.4.3. Document and ([Communicate](https://learn.microsoft.com/defender-endpoint/incident-responses)) Incidents