Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals
You can access SC-900 Exam Microsoft official page here
This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
Skills Measured
- Describe the concepts of security, compliance, and identity (5-10%)
- Describe the capabilities of Microsoft identity and access management solutions (25-30%)
- Describe the capabilities of Microsoft security solutions (30-35%)
- Describe the capabilities of Microsoft compliance solutions (25-30%)
SC-900 Exam Free Study Guide
For each test objective, I’ve compiled a thorough collection of articles from Microsoft documentation. Please feel free to forward this page to your friends and coworkers in order to assist them in preparing for the test .
Describe the Concepts of Security, Compliance, and Identity (5-10%)
Describe Security Methodologies
- Describe the Zero-Trust methodology
- Zero-trust methodology
- What is Zero Trust? A model for effective security
- Implementing a Zero Trust security model at Microsoft
- Describe the shared responsibility model
- Shared responsibility model
- Cloud – Shared responsibility
- Shared Responsibility for Cloud whitepaper
- Define defense in depth
- Defense in depth
- What is Defense-in-Depth?
- Defense in-depth security
Describe Security Concepts
- Describe common threats
- Understanding malware & other threats
- 10 common security threats in the enterprise
- Describe encryption
- What is encryption, and how does it work?
- Encryption hashing and signing
Describe Microsoft Security and Compliance Principles
- Describe Microsoft’s privacy principles
- Describe Microsoft’s privacy principles
- Microsoft Privacy principles
- Describe the offerings of the service trust portal
- Introducing the Service Trust Portal
- Service Trust Portal offering
Describe the Capabilities of Microsoft Identity and Access Management Solutions (25-30%)
Define Identity Principles/Concepts
- Define identity as the primary security perimeter
- Identity as the primary security perimeter
- The 4 pillars of Identity
- Define authentication
- What is Authentication?
- Define authorization
- What is Authorization?
- Authentication vs. Authorization
- Describe what identity providers are
- What is an identity provider (IdP)?
- Identity Providers for external identities
- Describe what Active Directory is
- Understanding Active Directory
- Describe the concept of Federated services
- Federated services
- Define common Identity Attacks
- 5 identity attacks that exploit your broken authentication
Describe the Basic Identity Services and Identity Types of Azure AD
- Describe what Azure Active Directory is
- What is Azure Active Directory?
- Describe what is Azure Active Directory
- Describe Azure AD identities (users, devices, groups, service principals/applications)
- Describe Azure AD identity types
- Describe what hybrid identity is
- The concept of hybrid identities
- Describe the different external identity types (Guest Users)
- Describe the types of external identities
Describe the Authentication Capabilities of Azure AD
- Describe the different authentication methods
- Different authentication methods in Azure AD
- Authentication & verification methods in Azure AD
- Describe self-service password reset
- Self-service Password Reset (SSPR)
- How Azure AD self-service password reset works?
- Describe password protection and management capabilities
- Password protection & management capabilities of Azure AD
- Eliminate bad passwords in the cloud
- Eliminate weak passwords on-premises
- Describe Multi-factor Authentication
- Multi-factor authentication (MFA) in Azure AD
- How Azure AD MFA works?
- Configure Azure AD Multi-Factor Authentication
- Describe Windows Hello for Business
- Windows Hello for Business
Describe Access Management Capabilities of Azure AD
- Describe what conditional access is
- What is Conditional Access?
- Describe uses and benefits of conditional access
- Conditional access and its benefits
- Security benefits of Conditional Access
- Describe the benefits of Azure AD roles
- What is Azure role-based access control (RBAC)?
- Understand different roles
Describe the Identity Protection & Governance Capabilities of Azure AD
- Describe what identity governance is
- What is Azure AD Identity Governance?
- Describe Identity Governance
- Describe what entitlement management and access reviews is
- What is Azure AD entitlement management?
- What are Azure AD access reviews?
- Describe entitlement management & access reviews
- Describe the capabilities of PIM
- Privileged Identity Management
- Capabilities of Privileged Identity Management
- Describe Azure AD Identity Protection
- What is Identity Protection?
- What is Azure Identity Protection?
Describe the Capabilities of Microsoft Security Solutions (30-35%)
Describe Basic Security Capabilities in Azure
- Describe Azure Network Security groups
- Network security groups
- Describe Azure Network Security groups
- Describe Azure DDoS protection
- Azure DDoS protection
- DDoS Protection Standard overview
- Describe what Azure Firewall is
- What is Azure Firewall?
- Azure Firewall overview
- Describe what Azure Bastion is
- What is Azure Bastion?
- Azure Bastion overview
- Describe what Web Application Firewall is
- What is a Web Application Firewall?
- Web Application Firewall overview
- Describe ways Azure encrypts data
- Encryption options in Azure
- Azure encryption overview
Describe Security Management Capabilities of Azure
- Describe the Azure Security center
- What is Azure Security Center?
- Explore Azure Security center
- Describe Azure Secure score
- Secure score in Azure Security Center
- Explore Azure Secure score
- Describe the benefit and use cases of Azure Defender – previously the Cloud Workload Protection Platform (CWPP)
- Benefits & use cases of Azure Defender
- Benefits of Azure Defender for servers
- Describe Cloud Security Posture Management (CSPM)
- Cloud Security Posture Management with Azure Security Center
- Cloud security posture management – part 2
- Describe security baselines for Azure
- Security baselines for Azure
- Azure security baseline for Security Center
- Security baseline for Resource Manager
- Azure security baseline for Azure Monitor
- Security baseline for Windows Virtual Desktop
- Azure security baseline for Virtual Network
Describe Security Capabilities of Azure Sentinel
- Define the concepts of SIEM, SOAR, XDR
- Define the concepts of SIEM, SOAR, XDR
- SIEM, SOAR & XDR Defined
- Describe the role and value of Azure Sentinel to provide integrated threat protection
- How Sentinel provides integrated threat protection?
- Integrated threat protection with SIEM and XDR
Describe Threat Protection with Microsoft 365 Defender (Formerly Microsoft Threat Protection)
- Describe Microsoft 365 Defender services
- Microsoft 365 Defender services
- Microsoft 365 Defender overview
- Describe Microsoft Defender for Identity (formerly Azure ATP)
- What is Microsoft Defender for Identity?
- Microsoft Defender for Identity
- Describe Microsoft Defender for Office 365 (formerly Office 365 ATP)
- Microsoft Defender for Office 365
- Microsoft Defender for Office 365 overview
- Describe Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
- What is Microsoft Defender for Endpoint?
- Microsoft Defender for Endpoint
- Describe Microsoft Cloud App Security
- Microsoft Cloud App Security overview
- Microsoft Cloud App Security
Describe Security Management Capabilities of Microsoft 365
- Describe the Microsoft 365 Security Center
- Explore the Microsoft 365 security center
- The unified Microsoft 365 security center overview
- Describe how to use Microsoft Secure Score
- What is Microsoft Secure Score?
- How to use Microsoft Secure Score?
- Describe security reports and dashboards
- Explore security reports and dashboards
- Security dashboard overview
- Describe incidents and incident management capabilities
- Describe incidents capabilities
- Incident management overview
Describe Endpoint Security with Microsoft Intune
- Describe what Intune is
- What is Intune?
- Microsoft Intune overview
- Describe endpoint security with Intune
- What is endpoint security with Intune?
- Manage endpoint security in Microsoft Intune
- Describe the endpoint security with the Microsoft Endpoint Manager admin center
- Microsoft Endpoint Manager overview
- Walkthrough Intune in Microsoft Endpoint Manager
Describe the Capabilities of Microsoft Compliance Solutions (25-30%)
Describe the Compliance Management Capabilities in Microsoft
- Describe the compliance center
- What is Compliance Center?
- Microsoft 365 compliance center overview
- Describe compliance manager
- What is Compliance Manager?
- Microsoft Compliance Manager overview
- Describe use and benefits of compliance score
- Understanding your compliance score
- Use and benefits of compliance score
Describe Information Protection and Governance Capabilities of Microsoft 365
- Describe data classification capabilities
- Understand data classification
- Data classification capabilities in Microsoft 365 Compliance Center
- Describe the value of content and activity explorer
- Get started with content explorer
- Get started with activity explorer
- Describe sensitivity labels
- Learn about sensitivity labels
- What are sensitivity labels and policies?
- Describe Retention Policies and Retention Labels
- Learn about retention policies & labels
- What are retention policies and retention labels?
- Describe Records Management
- Learn about records management in Microsoft 365
- What is records management?
- Describe Data Loss Prevention
- What is Data loss prevention?
- Overview of data loss prevention
- Data loss prevention
Describe Insider Risk Capabilities in Microsoft 365
- Describe Insider Risk Management solution
- What is an Insider risk management solution?
- Learn about insider risk management in M365
- Describe communication compliance
- What is communication compliance?
- Learn about communication compliance
- Describe information barriers
- What are the different information barriers?
- Information barriers in Microsoft 365
- Information barriers in Teams
- Describe privileged access management
- What is Privileged Access Management (PIM)?
- Privileged access management in Microsoft 365
- Describe customer lockbox
- What is a Customer Lockbox?
- Customer Lockbox for Azure
- Customer Lockbox for Microsoft 365
Describe the ediscovery Capabilities of Microsoft 365
- Describe the purpose of eDiscovery
- What’s the purpose of eDiscovery?
- eDiscovery solutions in Microsoft 365
- Describe the capabilities of the content search tool
- Content Search
- What are the capabilities of the content search tool?
- Describe the core eDiscovery workflow
- Explore the Core eDiscovery workflow
- What is the core eDiscovery workflow?
- Describe the advanced eDisovery workflow
- What’s the advanced eDiscovery workflow?
- Overview of Microsoft 365 Advanced eDiscovery
Describe the Audit Capabilities in Microsoft 365
- Describe the core audit capabilities of M365
- What are the core audit capabilities of Microsoft 365?
- Describe the purpose and value of Advanced Auditing
- Advanced audit in Microsoft 365
- The purpose and value of Advanced Auditing
Describe Resource Governance Capabilities in Azure
- Describe the use of Azure Resource locks
- Azure Resource Manager locks
- Lock resources to prevent unexpected changes
- Describe what Azure Blueprints is
- What is Azure Blueprint?
- What’s the use of Azure Blueprints?
- Define Azure Policy and describe its use cases
- What is an Azure Policy?
- Azure Policy use cases
- Describe cloud adoption framework
- Microsoft Cloud Adoption Framework for Azure
- What is the cloud adoption framework?
This brings us to the end of the SC-900 Microsoft Security, Compliance, and Identity Fundamentals exam study guide.
Follow Me to Receive Updates on SC-900 Exam
Share the SC-900 Study Guide in Your Network
Share on facebook
Share on twitter
Share on linkedin
