SC-900: Microsoft Security, Compliance, and Identity Fundamentals

SC-900: Microsoft Security, Compliance, and Identity Fundamentals

This exam measures your ability to describe the following: concepts of security, compliance, and identity; capabilities of Microsoft Entra; capabilities of Microsoft Security solutions; and capabilities of Microsoft compliance solutions.

This exam is targeted to you if you’re looking to familiarize yourself with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.

If you have an interest in Microsoft SCI solutions, this exam is for you, whether you’re a:

◉ Business stakeholder
◉ New or existing IT professional
◉ Student

You should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft SCI solutions can span across these solution areas to provide a holistic and end-to-end solution.

Microsoft Security, Compliance, and Identity Fundamentals Exam Summary:


Exam Name Microsoft Certified - Security Compliance and Identity Fundamentals
Exam Code   SC-900
Exam Price  $99 (USD)
Exam Price  120 mins
Number of Questions  40-60
Passing Score  700 / 1000
Books / TrainingCourse SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals
Sample Questions Microsoft Security, Compliance, and Identity Fundamentals Sample Questions
Practice Exam  Microsoft SC-900 Certification Practice Exam

Microsoft SC-900 Exam Syllabus Topics:


Topic Details
Describe the Concepts of Security, Compliance, and Identity (10-15%)
Describe security and compliance concepts - Describe the shared responsibility model
- Describe defense-in-depth
- Describe the Zero Trust model
- Describe encryption and hashing
- Describe Governance, Risk, and Compliance (GRC) concepts
Define identity concepts - Define identity as the primary security perimeter
- Define authentication
- Define authorization
- Describe identity providers
- Describe the concept of directory services and Active Directory
- Describe the concept of Federation
Describe the capabilities of Microsoft Entra (25-30%)
Describe function and identity types of Microsoft Entra ID - Describe Microsoft Entra ID
- Describe types of identities
- Describe hybrid identity
Describe authentication capabilities of Microsoft Entra ID - Describe the authentication methods
- Describe multi-factor authentication (MFA)
- Describe password protection and management capabilities
Describe access management capabilities of Microsoft Entra ID - Describe Conditional Access
- Describe Microsoft Entra roles and role-based access control (RBAC)
Describe identity protection and governance capabilities of Microsoft Entra - Describe Microsoft Entra ID Governance
- Describe access reviews
- Describe the capabilities of Microsoft Entra Privileged Identity Management
- Describe Entra ID Protection
- Describe Microsoft Entra Permissions Management
Describe the capabilities of Microsoft Security Solutions (35-40%)
Describe core infrastructure security services in Azure - Describe Azure distributed denial-of-service (DDoS) Protection
- Describe Azure Firewall
- Describe Web Application Firewall (WAF)
- Describe network segmentation with Azure virtual networks
- Describe network security groups (NSGs)
- Describe Azure Bastion
- Describe Azure Key Vault
Describe security management capabilities of Azure - Describe Microsoft Defender for Cloud
- Describe Cloud security posture management (CSPM)
- Describe how security policies and initiatives improve the cloud security posture
- Describe enhanced security features provided by cloud workload protection
Describe capabilities of Microsoft Sentinel - Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)
- Describe threat detection and mitigation capabilities in Microsoft Sentinel
Describe threat protection with Microsoft 365 Defender - Describe Microsoft 365 Defender services
- Describe Microsoft Defender for Office 365
- Describe Microsoft Defender for Endpoint
- Describe Microsoft Defender for Cloud Apps
- Describe Microsoft Defender for Identity
- Describe Microsoft Defender Vulnerability Management
- Describe Microsoft Defender Threat Intelligence (Defender TI)
- Describe the Microsoft 365 Defender portal
Describe the Capabilities of Microsoft Compliance Solutions (20-25%)
Describe Microsoft Service Trust Portal and privacy principles - Describe the Service Trust Portal offerings
- Describe the privacy principles of Microsoft
- Describe Microsoft Priva
Describe compliance management capabilities of Microsoft Purview - Describe the Microsoft Purview compliance portal
- Describe compliance manager
- Describe the uses and benefits of compliance score
Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview - Describe the data classification capabilities
- Describe the benefits of Content explorer and Activity explorer
- Describe sensitivity labels and sensitivity label policies
- Describe data loss prevention (DLP)
- Describe records management
- Describe retention policies, retention labels, and retention label policies
- Describe unified data governance solutions in Microsoft Purview
Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview - Describe Insider Risk Management
- Describe eDiscovery solutions in Microsoft Purview
- Describe audit solutions in Microsoft Purview

0 comments:

Post a Comment