Microsoft Certified: Information Security Administrator Associate
Training provider:
Aspire 2Be
Duration:
4 days
Awarding body:
Microsoft
Delivery:
Instructor-led virtual
Overview
The Microsoft Certified: Security Operations Administrator Associate certification is designed for professionals responsible for monitoring, detecting, and responding to security incidents using Microsoft’s extended detection and response (XDR) and SIEM tools. This certification validates the ability to reduce organisational risk by rapidly remediating threats, advising on improvements to threat protection practices, and managing secure environments across Microsoft 365 and Azure. It is ideal for individuals seeking to demonstrate expertise in active threat defence and incident response within a Microsoft environment.
What will I learn?
- Mitigate threats using Microsoft 365 Defender: Learn how to investigate incidents across Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud Apps. Develop the skills to use advanced hunting, incident queues, and evidence analysis
- Mitigate threats using Microsoft Defender for Endpoint: Gain hands-on experience identifying threats, analysing alerts, managing devices, and applying remediation actions using Defender for Endpoint
- Mitigate threats using Microsoft Defender for Cloud: Understand how to secure Azure resources, identify misconfigurations, assess security posture, and implement recommendations to protect workloads
- Mitigate threats using Microsoft Sentinel: Learn how to configure Microsoft Sentinel, connect data sources, use Kusto Query Language (KQL) to detect anomalies, and create playbooks for automated response
- Manage threat intelligence and incident response: Understand the threat landscape, integrate threat intelligence, and collaborate with stakeholders using evidence-based reporting and investigations
Key information
- Aged 19+
- Living in Wales
Plus, one of the following:
- Employed (inc. agency & zero hour contracts),
- Self-employed,
- Full-time carer,
- Prisoner on day release
Candidates should have already completed security fundamentals and should be familiar with all Microsoft 365 services, PowerShell, Microsoft Entra, the Microsoft Defender Portal, and Microsoft Defender for Cloud Apps.
120 minute certification exam.
- Security Operations Centre (SOC) analysts and incident responders
- IT professionals seeking to specialise in threat detection and response
- Cybersecurity professionals looking to build skills with Microsoft security technologies
- Individuals progressing from fundamental security training to hands-on technical roles
Course dates will be discussed directly with the training provider upon successful completion of funding application. Any course dates arranged with the training provider prior to funding being secured may not be honoured – Course dates will only be confirmed once funding has been approved.
Training provider:
NILC
Duration:
4 days
Awarding body:
Microsoft
Delivery:
Tutor-led online
Overview
The Microsoft Certified: Information Security Administrator Associate certification is designed for professionals who plan and implement information security for sensitive data using Microsoft Purview and related services. This course equips learners with the skills to protect data within Microsoft 365 collaboration environments from internal and external threats, as well as safeguard data used by AI services. It covers key areas such as information protection, data loss prevention (DLP), retention, insider risk management, and incident response. Learners will also gain experience managing security alerts and implementing controls to secure content across Microsoft environments.
What will I learn?
After completing this course, learners will be able to implement Microsoft Purview Information Protection, manage Data Loss Prevention policies, configure Insider Risk Management, and protect data in AI environments. They will also learn to implement retention and recovery strategies, audit and search activity in Microsoft Purview, and respond to information security incidents. The course emphasizes collaboration with governance, data, and security roles to develop and enforce policies that support organizational risk reduction goals.
Key information
- Aged 19+
- Living in Wales
Plus, one of the following:
- Employed (inc. agency & zero hour contracts)
- Self-employed
- Full-time carer
- Prisoner on day release
While there are no strict prerequisites, learners should be familiar with Microsoft 365 services, PowerShell, Microsoft Entra, Microsoft Defender portal, and Microsoft Defender for Cloud Apps. A foundational understanding of information security principles and experience working in security or compliance roles will be beneficial. Familiarity with Microsoft Purview and its capabilities is recommended.
The SC-401 exam is a proctored certification assessment that lasts approximately 100 minutes. It includes interactive components and requires a minimum score of 700 out of 1000 to pass. The exam evaluates skills in implementing and managing information protection, DLP, insider risk management, and security incident response.
Professionals who earn this certification can pursue roles such as Information Security Administrator, Compliance Analyst, or Microsoft Purview Specialist. With further experience and certifications, career paths may lead to senior roles like Security Architect, Risk Management Lead, or Head of Information Security.
Course dates will be discussed directly with the training provider upon successful completion of funding application. Any course dates arranged with the training provider prior to funding being secured may not be honoured – Course dates will only be confirmed once funding has been approved.
Aberdare
Wellington Street
Aberdare
Rhondda Cynon Taff
CF44 8EN
Nantgarw
Heol y Coleg
Parc Nantgarw
Cardiff
CF15 7QY
Rhondda
Llwynypia
Tonypandy
Rhondda Cynon Taff
CF40 2TQ
Ystrad Mynach
Twyn Road
Ystrad Mynach
Hengoed
CF82 7XR
