Microsoft Security Operations Analyst
The Microsoft Security Operations Analyst (SC-200) certification validates your skills in investigating, searching for, and mitigating threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. This exam tests your ability to perform triage, respond to incidents, mitigate risk by using exposure management, hunt for threats using threat intelligence, and use KQL for reporting, detections, and investigations.
| Domain | Weight | Items | Coverage |
|---|---|---|---|
| Manage security threats | 31% | 371 items | |
| Manage a security operations environment | 26% | 316 items | |
| Manage incident response | 22% | 266 items | |
| Configure protections and detections | 20% | 236 items | |
Invest in your career with this comprehensive study pack
Correct answer: Automatic attack disruption. This is one of 599 practice questions in the SC-200: Microsoft Security Operations Analyst pack on ReadRoost.
The SC-200: Microsoft Security Operations Analyst study pack on ReadRoost includes 599 practice questions and 350 flashcards, covering 4 exam domains including Manage security threats. Every question has a detailed explanation so you understand why each answer is right or wrong.
Yes. The SC-200: Microsoft Security Operations Analyst pack is mapped to the latest official exam objectives and is maintained by the ReadRoost team. You get flashcards with spaced repetition, timed practice exams, and AI-powered explanations.
AZ-900
400 questions · 200 flashcards
AB-730
751 questions · 468 flashcards
SC-100
1102 questions · 497 flashcards
AI-900
557 questions · 229 flashcards
You need to configure Microsoft Defender XDR to automatically respond to high-confidence phishing attacks. What should you configure?