Trevor Stuart - Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide: Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems

Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems

Trevor Stuart

Joe Anich

BIRMINGHAMMUMBAI

Copyright 2022 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Vijin Boricha

Publishing Product Manager: Mohd Riyan Khan

Senior Editor: Shazeen Iqbal

Content Development Editor: Rafiaa Khan

Technical Editor: Shruthi Shetty

Copy Editor: Safis Editing

Project Coordinator: Ajesh Devavaram

Proofreader: Safis Editing

Indexer: Subalakshmi Govindhan

Production Designer: Alishon Mendonca

Marketing Coordinator: Hemangi Lotlikar

First published: April 2022

Production reference: 1140222

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-80323-189-1

www.packt.com

I want to dedicate this book to the love of my life, Iveth. Thank you for always supporting me, encouraging me, and allowing me to live out my dreams. Most of all, thank you for your love!

Trevor Stuart

I want to dedicate this book to the boys, John, Jeff, Trent, and Bgriz. John, hoping you can read by the time this comes out, it'll be so exciting!

Joe Anich

Trevor Stuart has over 15 years of experience in IT. He started with SMS and Active Directory and maintained exposure in the field through various naming changes and technical additions. Trevor has a passion for IT but more so for cybersecurity. Trevor swiftly moved into cybersecurity and focused on securing privileged access, hardening operating systems, implementing tiering within AD, tying identities to modern authentication mechanisms, scaling out identities to the hybrid world, carrying out application migration in a secure manner in Azure, and leveraging built-in security controls in multiple clouds and platforms to secure workloads. Trevor is a technology enthusiast at heart and the world of cybersecurity lights the fire of passion inside of him.

Joe Anich has 13 years of experience in the IT industry ranging from endpoint management with a focus on Microsoft Endpoint Configuration Manager (MECM, formerly SCCM) and Intune to endpoint security and incident response. As Joe dug deeper into security, he realized where his passion resided, and that was in incident response working with the Microsoft Detection and Response Team (DART). Working in incident response has given Joe insight into SOC operations and how to help teams around the world improve their security posture within the Microsoft 365 security stack. Outside of IR, he is in constant pursuit of continued education, whether that be SANS courses such as the GCED or GCFA or internal threat hunting training.

Nitish Anand, CISSP, is a cybersecurity analyst at Microsoft. Nitish has been actively working in the cybersecurity domain for the past 7 years, primarily in a Security Operations Center. His career in cybersecurity began at Wipro Technologies working in the financial domain as a security analyst, and then working with Value Labs LLP for one of the healthcare clients. For the last 3 years, Nitish has been working for Microsoft and has focused primarily on SIEM use case development and tuning and malware and phishing analysis. Nitish received his bachelor's degree in computer science and engineering in 2014 from Cochin University, Kochi. He holds CCNA, ITIL, CEH, and other security certifications. In his free time, he loves photography and traveling.

Rafik Gerges is a highly successful security and compliance professional, with 12 years of experience in cybersecurity and compliance. He holds an information risk management master's degree, in addition to a machine learning diploma and 30+ international certifications.

Rafik has successfully created new IPs, product enhancement, and readiness and go-to-market materials, led consulting teams, and much more.

Besides being an innovative engineer, Rafik spends his free time working out at the gym, practicing boxing, being his own mechanic, and hanging out with friends.

Chris Smith spent 8 years in the United States Marine Corps serving in all disciplines of IT, including system administration, network administration, and defensive cyber operations. Upon discharge from the Marine Corps, Chris joined Microsoft and now supports organizations through their security journey. He has since developed skillsets in Azure, Microsoft 365, security operations, and incident response. Using these skills, Chris assists organizations in the deployment and operation of tools such as Defender for Endpoint, Defender for Identity, and Defender for Cloud.

My greatest thanks to the authors of this book and the Packt team for affording me the opportunity to help develop this content.