Exams

Exam SC-200: Microsoft Security Operations Analyst

As a Microsoft security operations analyst, you reduce organizational risk by:

  • Rapidly remediating active attacks in the environment.
  • Advising on improvements to threat protection practices.
  • Referring violations of organizational policies to appropriate stakeholders.

You perform:

  • Triage.
  • Incident response.
  • Vulnerability management.
  • Threat hunting.
  • Cyber threat intelligence analysis.

As a Microsoft security operations analyst, you monitor, identify, investigate, and respond to threats in multicloud environments by using:

  • Microsoft Sentinel
  • Microsoft Defender for Cloud
  • Microsoft 365 Defender
  • Third-party security solutions

In this role, you collaborate with business stakeholders, architects, identity administrators, Azure administrators, and endpoint administrators to secure IT systems for the organization.

As a candidate, you should be familiar with:

  • Microsoft 365
  • Azure cloud services
  • Windows and Linux operating systems

You may be eligible for ACE college credit if you pass this certification exam. See ACE college credit for certification exams for details.

Important

The English language version of this exam was updated on November 3, 2023. Review the study guide linked in the “Tip” box for details about the latest changes. If a localized version of this exam is available, it will be updated approximately eight weeks after this date. While Microsoft makes every effort to update localized versions as noted, there may be times when the localized versions of this exam are not updated on this schedule.

Passing score: 700. Learn more about exam scores.

Tip

Part of the requirements for: Microsoft Certified: Security Operations Analyst Associate

Related exams: none

Go to Learn Profile

Schedule exam

  • SC-200: Microsoft Security Operations Analyst

    Languages: English, Japanese, Chinese (Simplified), Korean, French, German, Spanish, Portuguese (Brazil), Chinese (Traditional), Italian

    Retirement date: none

    This exam measures your ability to accomplish the following technical tasks: mitigate threats by using Microsoft 365 Defender; mitigate threats by using Defender for Cloud; and mitigate threats by using Microsoft Sentinel.

    Price based on the country or region in which the exam is proctored.

    Take a free practice assessment

    Test your skills with practice questions to help you prepare for the exam. Learn more about practice assessments.

Skills measured

  • The English language version of this exam was updated on November 3, 2023. Review the study guide linked in the preceding “Tip” box for details about the skills measured and latest changes.
  • Mitigate threats by using Microsoft 365 Defender (25–30%)
  • Mitigate threats by using Defender for Cloud (15–20%)
  • Mitigate threats by using Microsoft Sentinel (50–55%)

Two ways to prepare

Items in this collection

There may be certifications and prerequisites related to "Exam SC-200: Microsoft Security Operations Analyst"

  • Microsoft Certified: Security Operations Analyst Associate

    As a Microsoft security operations analyst, you monitor, identify, investigate, and respond to threats in multicloud environments by using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security solutions.

Exam resources

Certification poster

Check out an overview including fundamentals, role-based and specialty certifications for Dynamics 365 and Power Platform.

Exam Replay

Boost your odds of success with this great offer.

Support for certification exams

Get help through Microsoft Certification support forums. A forum moderator will respond in one business day, Monday-Friday.

Your certifications

Review and manage your scheduled appointments, certificates, and transcripts.

* Pricing does not reflect any promotional offers or reduced pricing for Microsoft Certified Trainers and Microsoft Partner Network program members. Pricing is subject to change without notice. Pricing does not include applicable taxes. Please confirm exact pricing with the exam provider before registering to take an exam.

** Complete this exam before the retirement date to ensure it is applied toward your certification. After the retirement date, please refer to the related certification for exam requirements.