{"id":20536004,"url":"https://github.com/oliverbebber/sc-900-study-notes","last_synced_at":"2025-10-25T15:09:48.607Z","repository":{"id":133975258,"uuid":"603283453","full_name":"oliverbebber/SC-900-Study-Notes","owner":"oliverbebber","description":"Microsoft SC-900 Study Notes","archived":false,"fork":false,"pushed_at":"2023-03-02T17:46:23.000Z","size":57,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-06T03:31:48.119Z","etag":null,"topics":["azure","microsoft","security"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/oliverbebber.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"Security Compliance and Identity Concepts.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-02-18T03:08:06.000Z","updated_at":"2024-07-21T14:54:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"cb76da23-74dc-4c24-b60d-cf5f81fcc5ba","html_url":"https://github.com/oliverbebber/SC-900-Study-Notes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/oliverbebber/SC-900-Study-Notes","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oliverbebber%2FSC-900-Study-Notes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oliverbebber%2FSC-900-Study-Notes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oliverbebber%2FSC-900-Study-Notes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oliverbebber%2FSC-900-Study-Notes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/oliverbebber","download_url":"https://codeload.github.com/oliverbebber/SC-900-Study-Notes/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oliverbebber%2FSC-900-Study-Notes/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260630555,"owners_count":23039128,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure","microsoft","security"],"created_at":"2024-11-16T00:35:02.971Z","updated_at":"2025-10-25T15:09:48.537Z","avatar_url":"https://github.com/oliverbebber.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# SC-900: Microsoft Security, Compliance, and Identity Fundamentals Notes\nThis project is a work in progress while I study and take notes for the SC-900 Exam. \n\n\n# Disclaimer\nDo not rely on these notes to pass the exam. It's advised to use Microsoft's study guide for the exam: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Mr81\n\nThere are some courses available on LinkedIn and on Youtube, for example an Exam Cram course: https://www.youtube.com/watch?v=rDxtTM7cOPI\n\n\n----\n## Skills measured as of February 7, 2023\n### Audience profile\nThis certification is targeted to those looking to familiarize themselves with the fundamentals of \nsecurity, compliance, and identity (SCI) across cloud-based and related Microsoft services.\nThis is a broad audience that may include business stakeholders, new or existing IT professionals, or \nstudents who have an interest in Microsoft security, compliance, and identity solutions.\n\nCandidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how \nMicrosoft security, compliance, and identity solutions can span across these solution areas to provide a \nholistic and end-to-end solution.\n\n----\n# Exam Objectives\n### Describe the concepts of security, compliance, and identity (10–15%)\n\nDescribe security and compliance concepts\n- Describe the shared responsibility model\n- Describe defense in depth\n- Describe the Zero-Trust model\n- Describe encryption and hashing\n- Describe compliance concepts\n\nDefine identity concepts\n- Define identity as the primary security perimeter\n- Define authentication\n- Define authorization\n- Describe identity providers\n- Describe Active Directory\n- Describe the concept of Federation\n\n### Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra (25–30%)\nDescribe the basic identity services and identity types of Azure AD\n- Describe Azure AD\n- Describe Azure AD identities\n- Describe hybrid identity\n- Describe the different external identity types\n\nDescribe the authentication capabilities of Azure AD\n- Describe the authentication methods available in Azure AD\n- Describe Multi-factor Authentication\n- Describe self-service password reset\n- Describe password protection and management capabilities available in Azure AD\n\nDescribe access management capabilities of Azure AD\n- Describe conditional access\n- Describe the benefits of Azure AD roles.\n- Describe the benefits of Azure AD role-based access control\n\nDescribe the identity protection and governance capabilities of Azure AD\n- Describe identity governance in Azure AD\n- Describe entitlement management and access reviews\n- Describe the capabilities of Azure AD Privileged Identity Management (PIM)\n- Describe Azure AD Identity Protection\n\n### Describe the capabilities of Microsoft Security solutions (25–30%)\nDescribe basic security capabilities in Azure\n- Describe Azure DDoS protection\n- Describe Azure Firewall\n- Describe Web Application Firewall\n- Describe Network Segmentation with Azure Virtual Networks\n- Describe Azure Network Security groups\n- Describe Azure Bastion and JIT Access\n- Describe ways Azure encrypts data\n\nDescribe security management capabilities of Azure\n- Describe Cloud security posture management (CSPM)\n- Describe Microsoft Defender for Cloud\n- Describe the enhanced security features of Microsoft Defender for Cloud\n- Describe security baselines for Azure\n\nDescribe security capabilities of Microsoft Sentinel\n- Define the concepts of SIEM and SOAR\n- Describe how Microsoft Sentinel provides integrated threat management\n\nDescribe threat protection with Microsoft 365 Defender\n- Describe Microsoft 365 Defender services\n- Describe Microsoft Defender for Office 365\n- Describe Microsoft Defender for Endpoint\n- Describe Microsoft Defender for Cloud Apps\n- Describe Microsoft Defender for Identity\n- Describe the Microsoft 365 Defender portal\n\n### Describe the capabilities of Microsoft compliance solutions (25–30%)\nDescribe Microsoft’s Service Trust Portal and privacy principles\n- Describe the offerings of the Service Trust portal\n- Describe Microsoft’s privacy principles\n\nDescribe the compliance management capabilities of Microsoft Purview\n- Describe the Microsoft Purview compliance portal\n- Describe compliance manager\n- Describe the use and benefits of compliance score\n\nDescribe information protection and data lifecycle management capabilities of Microsoft Purview\n- Describe data classification capabilities\n- Describe the benefits of content explorer and activity explorer\n- Describe sensitivity labels\n- Describe Data Loss Prevention (DLP)\n- Describe Records Management\n- Describe Retention Polices and Retention Labels\n\nDescribe insider risk capabilities in Microsoft Purview\n- Describe Insider Risk Management\n- Describe communication compliance\n- Describe information barriers\n\nDescribe resource governance capabilities in Azure\n- Describe Azure Policy\n- Describe Azure Blueprints\n- Describe the Microsoft Purview unified data governance solution\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foliverbebber%2Fsc-900-study-notes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foliverbebber%2Fsc-900-study-notes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foliverbebber%2Fsc-900-study-notes/lists"}