https://github.com/oliverbebber/sc-900-study-notes

Microsoft SC-900 Study Notes
https://github.com/oliverbebber/sc-900-study-notes

azure microsoft security

Last synced: 8 months ago
JSON representation

Microsoft SC-900 Study Notes

• Host: GitHub
• URL: https://github.com/oliverbebber/sc-900-study-notes
• Owner: oliverbebber
• Created: 2023-02-18T03:08:06.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2023-03-02T17:46:23.000Z (over 3 years ago)
• Last Synced: 2025-03-06T03:31:48.119Z (over 1 year ago)
• Topics: azure, microsoft, security
• Homepage:
• Size: 55.7 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: readme.md
  • Security: Security Compliance and Identity Concepts.md

Awesome Lists containing this project

README

          
# SC-900: Microsoft Security, Compliance, and Identity Fundamentals Notes

This project is a work in progress while I study and take notes for the SC-900 Exam. 

# Disclaimer

Do not rely on these notes to pass the exam. It's advised to use Microsoft's study guide for the exam: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Mr81

There are some courses available on LinkedIn and on Youtube, for example an Exam Cram course: https://www.youtube.com/watch?v=rDxtTM7cOPI

----

## Skills measured as of February 7, 2023

### Audience profile

This certification is targeted to those looking to familiarize themselves with the fundamentals of 

security, compliance, and identity (SCI) across cloud-based and related Microsoft services.

This is a broad audience that may include business stakeholders, new or existing IT professionals, or 

students who have an interest in Microsoft security, compliance, and identity solutions.

Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how 

Microsoft security, compliance, and identity solutions can span across these solution areas to provide a 

holistic and end-to-end solution.

----

# Exam Objectives

### Describe the concepts of security, compliance, and identity (10–15%)

Describe security and compliance concepts

- Describe the shared responsibility model

- Describe defense in depth

- Describe the Zero-Trust model

- Describe encryption and hashing

- Describe compliance concepts

Define identity concepts

- Define identity as the primary security perimeter

- Define authentication

- Define authorization

- Describe identity providers

- Describe Active Directory

- Describe the concept of Federation

### Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra (25–30%)

Describe the basic identity services and identity types of Azure AD

- Describe Azure AD

- Describe Azure AD identities

- Describe hybrid identity

- Describe the different external identity types

Describe the authentication capabilities of Azure AD

- Describe the authentication methods available in Azure AD

- Describe Multi-factor Authentication

- Describe self-service password reset

- Describe password protection and management capabilities available in Azure AD

Describe access management capabilities of Azure AD

- Describe conditional access

- Describe the benefits of Azure AD roles.

- Describe the benefits of Azure AD role-based access control

Describe the identity protection and governance capabilities of Azure AD

- Describe identity governance in Azure AD

- Describe entitlement management and access reviews

- Describe the capabilities of Azure AD Privileged Identity Management (PIM)

- Describe Azure AD Identity Protection

### Describe the capabilities of Microsoft Security solutions (25–30%)

Describe basic security capabilities in Azure

- Describe Azure DDoS protection

- Describe Azure Firewall

- Describe Web Application Firewall

- Describe Network Segmentation with Azure Virtual Networks

- Describe Azure Network Security groups

- Describe Azure Bastion and JIT Access

- Describe ways Azure encrypts data

Describe security management capabilities of Azure

- Describe Cloud security posture management (CSPM)

- Describe Microsoft Defender for Cloud

- Describe the enhanced security features of Microsoft Defender for Cloud

- Describe security baselines for Azure

Describe security capabilities of Microsoft Sentinel

- Define the concepts of SIEM and SOAR

- Describe how Microsoft Sentinel provides integrated threat management

Describe threat protection with Microsoft 365 Defender

- Describe Microsoft 365 Defender services

- Describe Microsoft Defender for Office 365

- Describe Microsoft Defender for Endpoint

- Describe Microsoft Defender for Cloud Apps

- Describe Microsoft Defender for Identity

- Describe the Microsoft 365 Defender portal

### Describe the capabilities of Microsoft compliance solutions (25–30%)

Describe Microsoft’s Service Trust Portal and privacy principles

- Describe the offerings of the Service Trust portal

- Describe Microsoft’s privacy principles

Describe the compliance management capabilities of Microsoft Purview

- Describe the Microsoft Purview compliance portal

- Describe compliance manager

- Describe the use and benefits of compliance score

Describe information protection and data lifecycle management capabilities of Microsoft Purview

- Describe data classification capabilities

- Describe the benefits of content explorer and activity explorer

- Describe sensitivity labels

- Describe Data Loss Prevention (DLP)

- Describe Records Management

- Describe Retention Polices and Retention Labels

Describe insider risk capabilities in Microsoft Purview

- Describe Insider Risk Management

- Describe communication compliance

- Describe information barriers

Describe resource governance capabilities in Azure

- Describe Azure Policy

- Describe Azure Blueprints

- Describe the Microsoft Purview unified data governance solution