The New Microsoft CyberSecurity Tracks: What's new?

Businesses everywhere are accelerating their digital transformation, making infosec a more pressing concern than ever.

So what is new with the Microsoft cybersecurity Tracks? Jens Gilges. who has been working with IT since 2001, shares his insights. Jens is recognized around the world as a subject matter expert in Cloud and infrastructure Security and is currently the Senior Instructor and Head of Learning Technologies with Readynez.

The background of the new Microsoft Security Tracks
You are probably already familiar with the 2 certifications that we describe below: The MS-500 and the AZ-500, that were until recently the 2 only Microsoft Cloud Technology Security certifications:

Microsoft 365 Security Administrator Associate (MS-500)
This cetification covered the following main subjects:

• Compliance
• eDiscovery
• DLP
• Endpoint Manger
• Windows Defender ATP
• Azure ATP
• Conditional Access
• On-Premise Connectivity and Security

Microsoft Azure Security Engineer Associate (AZ-500)
This cetification covered the following main subjects:

• Network Security
• VPN
• Backup / Restore
• Azure Firewall
• Azure Bastion
• Container Security
• Database Security
• Identity
• Security

Those are very relevant subjects, but the topics and technologies covered in these 2 are very broad. Another concern that many have voiced, is that neither of these microsoft seucurity certifications are really ideal for beginners or non-technical roles who are looking to get an overview.

Also, they are not in depth enough for architects and there are some recent technologies that are not included: such as the Advanced DLP, Azure Sentinel, Tools detecting malicious insiders and advanced archiving strategies to mention some of them.

What’s New in the Microsoft infosec certifications?
The recent launches include 4 new In-depth and more focused Microsoft Security training and Certification tracks.

• SC-900 Microsoft Security, Compliance and Identity Fundamentals
• SC-200 Microsoft Security Operations Analyst
• SC-300 Microsoft Identity and Access Administrator
• SC-400 Microsoft Information Protection Administrator

Let's have a look at them individually.

Microsoft Security, Compliance and Identity Fundamentals (SC-900)
This 1-day training- and certification track gives you a good introduction to all available security and compliance features in Microsoft 365 and Azure. When you’ve completed this course you will be able to identify core technologies to provide identity and service security and understand basic concepts for compliance for Microsoft 365 and Azure products.

Many of these subjects are included in the MS-500 also, but the new SC-900 gives you an introduction to each technology on the technology – and sales level.

Learn more about the training & certification track here: https://www.readynez.com/en/training/courses/vendors/microsoft/security-compliance-identity-fundamentals-sc-900-course/

Microsoft Security Operations Analyst (SC-200)
This 3-day training- and certification track focuses on the required skills to provide log analysis, threat hunting and incident response using Microsoft technologies. It also provides you with all the skills to implement endpoint and network protection as well as an introduction to the Kusto Query Language.

This is a very comprehensive curriculum covering threat detection, incident response, security automation and implementing the hottest SIEM on the market:

This certification focuses on the following technologies:

• Microsoft 365 Defender
• Azure Defender
• Sentinel

It teaches you how to use these technologies to implement advanced auditing not only for Azure services, but also for AWS and Google. You will learn to implement the technologies as well as get an introduction to the programming language to create you own dashboard, analytic queries and automated responses.

Learn more about the training- and certification track here: https://www.readynez.com/en/training/courses/vendors/microsoft/security-operations-analyst-sc-200-course/

Microsoft Identity and Access Administrator (SC-300)
This 3-day training- and certification track focuses on the required skills to administer, audit and secure applications and identities in a Microsoft 365 and Azure cloud only and hybrid environment. You will learn how to manage and secure internal, external and hybrid identities. You will also learn how to implement cloud and hybrid MFA solutions and advanced authentication concepts. The knowledge to on-board and secure on-premise Active Directory as well as implementing advanced authentication scenarios such as PTA, SSO and ADFS is covered. Lastly we’ll cover design and implementation of publishing and auditing of cloud and hybrid apps.

These are all the subjects related to securing and managing identities, connecting on-premise and manage cloud and hybrid apps

This certification focuses on the following technologies:

• Microsoft Azure AD
• Azure AD Connect
• Privileged Identity Management
• Conditional Access
• Azure Application Proxy
• MFA Server
• Azure Log Analytics.

You will learn how to manage and secure identities and Azure and on-premise AD. Plus, you’ll learn how to design and implement hybrid identity synchronization together with all advanced authentication scenarios such as PHS, PTA and ADFS. This certification also covers advanced permission and auditing concepts as well as how to publish and secure hybrid apps using the Application Proxy.

Learn more about the training- and certification track here: https://www.readynez.com/en/training/courses/vendors/microsoft/identity-access-administrator-sc-300-course/

Microsoft Information Protection Administrator (SC-400)
This 2-day training- and certification track focuses on all the important technologies to provide compliance and security for applications and company data in Microsoft 365. You will not only learn how to design archiving strategies, protection data at rest using DLP and eDiscovery, but also how to protect data in transit using DLP and onboard clients to implement advanced client security to ensure data compliance.

This certification focuses on the following technologies:

• eDiscovery, DLP
• Sensitive Information Types
• Data Classifiers
• Azure Information Protection.

In this class, you will learn how to implement the latest features for secure and audit data in Microsoft 365. You will also learn the latest technologies to secure data in transit as well as analysis techniques to perform eDiscovery search and use tools to detect insider threats.

Learn more about the training- and certification track here: https://www.readynez.com/en/training/courses/vendors/microsoft/information-protection-administrator-sc-400-course/

Are you ready to pick your ideal track? Se all available dates and prices on the links:

Microsoft Security, Compliance and Identity Fundamentals (SC-900)

Microsoft Security Operations Analyst (SC-200)

Microsoft Identity and Access Administrator (SC-300)

Microsoft Information Protection Administrator (SC-400)

We hope that this has given you an depth insight into the new Microsoft security tracks. As always, we'd love to hear from you if you have any feedback or questions at all.