SC-200: Security Operations Analyst
Defender XDR, Sentinel, KQL threat hunting, and detection engineering β real SOC scenarios.
$79 practice exams are gatekeeping. Mine are $9 because it should be. Written by someone who works in cloud and AI at Microsoft NZ β for people like us.
I just passed with a 777 (Yes, Seriously). This video helped me tremendously.
@yourdream8 Β· YouTube
Bonus: the 28-module study guide is included free. See study guide β
Browse all exams
β Try the actual questions below β no sign-up needed.
Official Exam Details
| Duration | 100 minutes |
| Questions | 40β60 |
| Passing Score | 700 / 1000 |
| Exam Cost | $165 USD |
| Testing Provider | Pearson VUE |
| Validity | Renew annually (free via Microsoft Learn) |
| Question Types | Multiple choice, Multiple response, Drag-and-drop, Case study |
Domain Breakdown
| Domain | Questions |
|---|---|
| Manage a Security Operations Environment | 102 |
| Respond to Security Incidents | 92 |
| Perform Threat Hunting | 56 |
Free Study Guide
This cert includes a complete study guide with 28 modules β free forever.
Domain 1: Manage a Security Operations Environment
- Sentinel Workspace: Roles & Retention 14 min
- Get Windows Events Into Sentinel 13 min
- Syslog, CEF & Azure Data Ingestion 13 min
- Defender for Endpoint: Core Setup 12 min
- Attack Surface Reduction & Security Policies 11 min
- Defender XDR: Tune Your Alerts 11 min
- Automated Investigation & Attack Disruption 13 min
- Sentinel Automation: Rules & Playbooks 12 min
- Custom Detections in Defender XDR 11 min
- Sentinel Analytics & Threat Intelligence 14 min
- MITRE ATT&CK & Anomaly Detection 11 min
- Detection Engineering: Putting It All Together 10 min
Domain 2: Respond to Security Incidents
- Incident Triage: From Alert to Verdict 14 min
- Purview & Defender for Cloud Threats 12 min
- Identity Threats: Entra & Defender for Identity 12 min
- Cloud App Security: Investigate Shadow IT 11 min
- Sentinel Incident Response 12 min
- Copilot for Security: Your AI Analyst 11 min
- Complex Attacks & Lateral Movement 12 min
- Endpoint: Timeline & Live Response 12 min
- Endpoint: Evidence & Entity Investigation 11 min
- M365 Investigations: Audit, Search & Graph 12 min
Domain 3: Perform Threat Hunting
Frequently Asked Questions
What is the passing score for the Security Operations Analyst exam?
The passing score for Security Operations Analyst (SC-200) is 700 / 1000. Our practice exams use an 80% threshold to help you build confidence before the real test.
How long is the Security Operations Analyst exam?
The official Security Operations Analyst exam is 100 minutes long. You can simulate this time pressure using our Exam Mode, which includes a countdown timer and auto-submit.
How much does the Security Operations Analyst exam cost?
The Security Operations Analyst certification exam costs $165 USD. You can prepare with our 250-question practice exam for just $9 (1 year access) β a fraction of the real exam fee. Plus, our complete study guide is free forever.
How many questions are on the Security Operations Analyst exam?
The official Security Operations Analyst exam has 40β60 questions. Our practice bank includes 250 exam-style questions with detailed explanations covering all 3 domains.
How long is the Security Operations Analyst certification valid?
The Security Operations Analyst certification is valid for: Renew annually (free via Microsoft Learn). Plan your recertification early and use our practice exams to stay sharp.
Is the Security Operations Analyst practice exam worth it?
Yes β our 250-question practice exam includes three study modes (Study, Exam Simulation, and Flashcards with spaced repetition), detailed explanations for every answer, adaptive question selection, and progress tracking across all 3 domains. The complete study guide is free forever. 20 practice questions are free with no account needed. Full access is $9 for 1 year.
How do I prepare for the Security Operations Analyst certification?
Start with our free study guide to build your foundation, then use Study Mode for instant feedback and concept learning. Switch to Exam Mode for timed practice under real conditions (100 minutes, 700 / 1000 to pass). Use Flashcards with spaced repetition to retain key facts long-term. Track your readiness score across all domains.
How does purchasing work?
Click "Unlock $9" above β pay securely via Stripe β receive a licence key instantly on screen (also emailed in your Stripe receipt). Enter the key on the practice page to unlock all 250 questions. No account needed. Each cert is purchased separately at $9 for 1 year of access.