SC-200Exam Domain

Mitigate Threats Using Microsoft Defender XDR (25–30%)SC-200 Study Guide

33 chapters

~825 min total

Free — no signup required

Mitigate Threats Using Microsoft Defender XDR (25–30%) Chapters

Microsoft Defender for Endpoint

Objective 1.1 · Defender XDR

25m

Microsoft Defender for Identity

Objective 1.2 · Defender XDR

25m

Microsoft Defender for Office 365

Objective 1.3 · Defender XDR

25m

Microsoft Defender for Cloud Apps

Objective 1.4 · Defender XDR

25m

Defender for Endpoint Alert Triage

Objective 1.1 · Defender XDR

25m

Advanced Hunting with KQL in Defender

Objective 1.1 · Defender XDR

25m

Defender for Endpoint Live Response

Objective 1.1 · Defender XDR

25m

Defender for Identity Attack Detections

Objective 1.2 · Defender XDR

25m

Defender XDR Incident Correlation

Objective 1.1 · Defender XDR

25m

Defender for Endpoint ASR Rules

Objective 1.1 · Defender XDR

25m

Defender for Endpoint Network Protection

Objective 1.1 · Defender XDR

25m

Defender for Endpoint Device Inventory

Objective 1.1 · Defender XDR

25m

Defender for Endpoint Onboarding Methods

Objective 1.1 · Defender XDR

25m

Automated Investigation and Response (AIR) in MDE

Objective 1.1 · Defender XDR

25m

Defender for Identity Alert Categories

Objective 1.2 · Defender XDR

25m

Domain Controller and Active Directory Monitoring

Objective 1.2 · Defender XDR

25m

Defender for Office 365 Policy Configuration

Objective 1.3 · Defender XDR

25m

Safe Attachments and ZAP in Defender

Objective 1.3 · Defender XDR

25m

Defender for Cloud Apps Policies

Objective 1.4 · Defender XDR

25m

Shadow IT Discovery with MCAS

Objective 1.4 · Defender XDR

25m

Conditional Access App Control in MCAS

Objective 1.4 · Defender XDR

25m

SOC Incident Triage and Escalation

Objective 1.1 · Defender XDR

25m

Live Response and Remote Forensics

Objective 1.1 · Defender XDR

25m

Custom Detection Rules in Defender XDR

Objective 1.1 · Defender XDR

25m

Entra ID Risk Policies and Sign-In Risk

Objective 1.4 · Defender XDR

25m

Device Timeline Analysis in MDE

Objective 1.1 · Defender XDR

25m

User Risk Investigation in Entra ID Protection

Objective 1.4 · Defender XDR

25m

Microsoft Copilot for Security

Objective 1.1 · Defender XDR

25m

Defender for Endpoint Security Baselines

Objective 1.1 · Defender XDR

25m

Defender for Endpoint Web Content Filtering

Objective 1.1 · Defender XDR

25m

Defender XDR Security Graph and Investigations

Objective 1.1 · Defender XDR

25m

Microsoft Copilot for Security

Objective 1.1 · Defender XDR

25m

101

Defender XDR Automatic Attack Disruption

Objective 1.1 · Defender XDR

25m

Start: Microsoft Defender for Endpoint

Other SC-200 Domains

Mitigate Threats Using Microsoft Sentinel (50–55%)

44 chapters

Mitigate Threats Using Defender for Cloud (20–25%)

24 chapters

Test your Mitigate Threats Using Microsoft Defender XDR (25–30%) knowledge

Free SC-200 practice questions with full explanations. Test what you learn chapter by chapter.

SC-200 Practice Questions