This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Exams
Warning
Arabic, Indonesian, and Russian versions of this exam retired on February 28, 2023.
The Microsoft security operations analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the security operations analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
Candidates for this role should be familiar with attack vectors, cyberthreats, incident management, and Kusto Query Language (KQL). Candidates should also be familiar with Microsoft 365 and Azure services.
You may be eligible for ACE college credit if you pass this certification exam. See ACE college credit for certification exams for details.
Important
The English language version of this exam was updated on February 7, 2023. Review the study guide linked in the “Tip” box for details about the latest changes. If a localized version of this exam is available, it will be updated approximately eight weeks after this date. While Microsoft makes every effort to update localized versions as noted, there may be times when the localized versions of this exam are not updated on this schedule.
Passing score: 700. Learn more about exam scores.
Tip
Part of the requirements for: Microsoft Certified: Security Operations Analyst Associate
Related exams: none
Go to Learn ProfileLanguages: English, Japanese, Chinese (Simplified), Korean, French, German, Spanish, Portuguese (Brazil), Chinese (Traditional), Italian
Retirement date: none
This exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender; mitigate threats using Microsoft Defender for Cloud; and mitigate threats using Microsoft Sentinel.
Price based on the country or region in which the exam is proctored.
There may be certifications and prerequisites related to "Exam SC-200: Microsoft Security Operations Analyst"
The Microsoft security operations analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
Explore all certifications in a concise training and certifications guide.
Check out an overview including fundamentals, role-based and specialty certifications for Dynamics 365 and Power Platform.
Boost your odds of success with this great offer.
Get help through Microsoft Certification support forums. A forum moderator will respond in one business day, Monday-Friday.
Review and manage your scheduled appointments, certificates, and transcripts.
Learn more about requesting an accommodation for your exam.
Review the exam policies and frequently asked questions.
* Pricing does not reflect any promotional offers or reduced pricing for Microsoft Certified Trainers and Microsoft Partner Network program members. Pricing is subject to change without notice. Pricing does not include applicable taxes. Please confirm exact pricing with the exam provider before registering to take an exam.
** Complete this exam before the retirement date to ensure it is applied toward your certification. After the retirement date, please refer to the related certification for exam requirements.