This exam measures your ability to describe the following: concepts of security, compliance, and identity; capabilities of Microsoft Entra; capabilities of Microsoft Security solutions; and capabilities of Microsoft compliance solutions.
This exam is targeted to you if you’re looking to familiarize yourself with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
If you have an interest in Microsoft SCI solutions, this exam is for you, whether you’re a:
◉ Business stakeholder
◉ New or existing IT professional
◉ Student
You should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft SCI solutions can span across these solution areas to provide a holistic and end-to-end solution.
Microsoft Security, Compliance, and Identity Fundamentals Exam Summary:
Exam Name | Microsoft Certified - Security Compliance and Identity Fundamentals |
Exam Code | SC-900 |
Exam Price | $99 (USD) |
Exam Price | 120 mins |
Number of Questions | 40-60 |
Passing Score | 700 / 1000 |
Books / Training | Course SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals |
Sample Questions | Microsoft Security, Compliance, and Identity Fundamentals Sample Questions |
Practice Exam | Microsoft SC-900 Certification Practice Exam |
Microsoft SC-900 Exam Syllabus Topics:
Topic | Details |
Describe the Concepts of Security, Compliance, and Identity (10-15%) | |
Describe security and compliance concepts | - Describe the shared responsibility model - Describe defense-in-depth - Describe the Zero Trust model - Describe encryption and hashing - Describe Governance, Risk, and Compliance (GRC) concepts |
Define identity concepts | - Define identity as the primary security perimeter - Define authentication - Define authorization - Describe identity providers - Describe the concept of directory services and Active Directory - Describe the concept of Federation |
Describe the capabilities of Microsoft Entra (25-30%) | |
Describe function and identity types of Microsoft Entra ID | - Describe Microsoft Entra ID - Describe types of identities - Describe hybrid identity |
Describe authentication capabilities of Microsoft Entra ID | - Describe the authentication methods - Describe multi-factor authentication (MFA) - Describe password protection and management capabilities |
Describe access management capabilities of Microsoft Entra ID | - Describe Conditional Access - Describe Microsoft Entra roles and role-based access control (RBAC) |
Describe identity protection and governance capabilities of Microsoft Entra | - Describe Microsoft Entra ID Governance - Describe access reviews - Describe the capabilities of Microsoft Entra Privileged Identity Management - Describe Entra ID Protection - Describe Microsoft Entra Permissions Management |
Describe the capabilities of Microsoft Security Solutions (35-40%) | |
Describe core infrastructure security services in Azure | - Describe Azure distributed denial-of-service (DDoS) Protection - Describe Azure Firewall - Describe Web Application Firewall (WAF) - Describe network segmentation with Azure virtual networks - Describe network security groups (NSGs) - Describe Azure Bastion - Describe Azure Key Vault |
Describe security management capabilities of Azure | - Describe Microsoft Defender for Cloud - Describe Cloud security posture management (CSPM) - Describe how security policies and initiatives improve the cloud security posture - Describe enhanced security features provided by cloud workload protection |
Describe capabilities of Microsoft Sentinel | - Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR) - Describe threat detection and mitigation capabilities in Microsoft Sentinel |
Describe threat protection with Microsoft 365 Defender | - Describe Microsoft 365 Defender services - Describe Microsoft Defender for Office 365 - Describe Microsoft Defender for Endpoint - Describe Microsoft Defender for Cloud Apps - Describe Microsoft Defender for Identity - Describe Microsoft Defender Vulnerability Management - Describe Microsoft Defender Threat Intelligence (Defender TI) - Describe the Microsoft 365 Defender portal |
Describe the Capabilities of Microsoft Compliance Solutions (20-25%) | |
Describe Microsoft Service Trust Portal and privacy principles | - Describe the Service Trust Portal offerings - Describe the privacy principles of Microsoft - Describe Microsoft Priva |
Describe compliance management capabilities of Microsoft Purview | - Describe the Microsoft Purview compliance portal - Describe compliance manager - Describe the uses and benefits of compliance score |
Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview | - Describe the data classification capabilities - Describe the benefits of Content explorer and Activity explorer - Describe sensitivity labels and sensitivity label policies - Describe data loss prevention (DLP) - Describe records management - Describe retention policies, retention labels, and retention label policies - Describe unified data governance solutions in Microsoft Purview |
Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview | - Describe Insider Risk Management - Describe eDiscovery solutions in Microsoft Purview - Describe audit solutions in Microsoft Purview |
0 comments:
Post a Comment