SC-100 - Design Security Operations, Identity, and Compliance Capabilities - Section 2.1
Design solutions for security operations, including detection, response, logging, SOAR, and threat detection coverage.
Design a security operations architecture that integrates Microsoft Defender XDR for extended detection and response (XDR) with Microsoft Sentinel as the SIEM and SOAR platform, mapped to MITRE ATT&CK matrices. Choose the appropriate combination of Microsoft Purview Audit, threat hunting, and incident response capabilities to achieve the required detection and coverage depth.
Key topics: Microsoft Defender XDR; Microsoft Sentinel; SIEM and SOAR; extended detection and response (XDR); MITRE ATT&CK matrices; Microsoft Purview Audit; threat hunting and incident response
Examworthy is not affiliated with or endorsed by Microsoft. Original, blueprint-aligned practice material only.