SC-900: Microsoft Security Fundamentals Exam Study Guide

In this post, we will discuss with you how to prepare and pass the Microsoft Azure SC-900 Exam (Azure Security, Compliance, and Identity Fundamentals) successfully.

The topics covered in this blog are:

• What is SC-900 Exam?
• Who Can Do This Certification?
• Benefits of SC-900 Certification
• SC-900 Exam Details
• SC-900 Exam Skills Measured
• How to Register for Azure SC 900 Exam
• Pre-requisites for SC-900 Certification
• SC 900 Study Guide
• SC 900 Exam Retake Policy
• Conclusion

What Is the SC-900 Exam?

The SC-900 Certification (Security, Compliance, and Identity Fundamentals) is designed for people who want to become familiar with the fundamentals of SCI across cloud-based and related Microsoft services. it is developed for a broad audience that may include business stakeholders, fresher IT students, and existing IT professionals that have an interest in Microsoft SCI (Security, Compliance, and Identity) Solutions.

• Security, compliance, and identity
• Microsoft identity and access management solutions
• Microsoft security solutions
• Microsoft compliance solutions

Are you a beginner in the Azure cloud? Do check out our blog post on the Azure Certification Path and choose the best certification for you.

Who Can Do This Certification?

The SC-900 test is designed for three types of people. They are as follows:

1. Shareholders of a business.
2. New or present IT professionals.
3. Students who are interested in security, compliance, and identity solutions.

Benefits of SC-900 Certification

• This certification serves as a starting point for anyone interested in learning more about Microsoft security.
• It helps you understand all the different options available with Microsoft365 and Azure in terms of security
• It will be crucial if you wish to shift from traditional to cloud security
• As a manager, it may help you communicate more effectively with your customers and team.
• You’d be able to collaborate with Security solutions architects and Security operations analysts to keep the company’s security posture up to date.

Also Check: Azure Data Factory Interview Questions

SC-900 Exam Details

SC-900 Exam Skills Measured

How to Register for Azure SC 900 Exam

Registering for an SC-900 exam is very easy. you can easily register for this exam by clicking on this link and you can schedule a time and date to give the exam.

Pre-requisites for SC-900 Certification

Freshers or experienced professionals trying SC-900 Exam must have general knowledge and necessary experience in the IT environment. They should also have a basic grasp of Microsoft365 and Azure Services.

SC 900 Study Guide

Describe the Concepts of Security, Compliance, and Identity (5-10%)

Describe security and compliance concepts & methodologies

• describe the Zero-Trust methodology
  • zero-trust methodology
    • What is Zero Trust?
    • Implementing a Zero Trust security model at Microsoft
• describe the shared responsibility model
  • shared responsibility model
    • Shared responsibility in the cloud
    • Shared Responsibility for Cloud Computing
• define defense in depth
  • Describe defense in depth
    • What is Defense-in-depth
    • Defense in depth security
• describe common threats
  • Understanding malware & other threats
  • 10 Common Security Threats in the Enterprise
• describe encryption and hashing
  • What is encryption, and how does it work?
  • Encryption hashing and signing
• describe cloud adoption framework
  • What is the Microsoft Cloud Adoption Framework for Azure?
  • What is Cloud Adoption Framework?

Define identity concepts

• define identity as the primary security perimeter
  • Define Identity as the primary security perimeter
  • Four Pillars of Identity
• define authentication
  • What is Authentication
• define authorization
  • What is Authorization?
  • Authentication vs. authorization
• describe what identity providers are
  • What is an identity provider (IdP)?
  • Identity Providers for External Identities
• describe what Active Directory is
  • Understanding Active Directory
• describe the concept of Federated services
  • Describe the concept of Federated Services
• define common Identity Attacks
  • 5 Identity Attacks That Exploit Your Broken Authentication

Describe the capabilities of Microsoft Identity and Access Management Solutions (25-30%)

Describe the basic identity services and identity types of Azure AD

• describe what Azure Active Directory
  • What is Azure Active Directory?
  • Describe what is Azure Active Directory
• describe Azure AD identity types (users, devices, groups, service principals/applications)
  • Describe Azure AD identity types
• describe what hybrid identity is
  • Describe the concept of hybrid identities
• describe the different external identity types (Guest Users)
  • Describe the types of external identities

Describe the authentication capabilities of Azure AD

• describe the different authentication methods
  • Describe the different authentication methods of Azure AD
  • Authentication and verification methods in Azure Active Directory
• describe self-service password reset
  • SSPR in Azure AD
  • How does Azure AD self-service password reset work?
• describe password protection and management capabilities
  • Password protection and management capabilities of Azure AD
    • Eliminate bad passwords using Azure AD Password Protection
    • Eliminate bad passwords using Azure AD Password Protection
• describe Multi-factor Authentication
  • MFA in Azure AD
    • How Azure AD MFA works?
    • Configure Azure AD MFA
• describe Windows Hello for Business
  • Windows Hello for Business Overview

Describe access management capabilities of Azure AD

• describe what conditional access is
  • What is Conditional Access?
• describe uses and benefits of conditional access
  • Describe Conditional Access and its benefits
• describe the benefits of Azure AD roles
  • What is Azure role-based access control?
  • Understand different roles

Describe the identity protection & governance capabilities of Azure AD

• describe what identity governance is
  • What is Azure AD Identity Governance?
  • Describe identity governance in Azure AD
• describe what entitlement management and access reviews is
  • What is Azure AD entitlement management?
  • What are Azure AD access reviews?
  • Describe what is entitlement management and access reviews
• describe the capabilities of PIM
  • What is Azure AD Privileged Identity Management?
  • Describe the capabilities of Privileged identity Management
• describe Azure AD Identity Protection
  • What is Identity Protection?
  • Describe Azure Identity Protection

Describe the capabilities of Microsoft Security solutions (30-35%)

Describe basic security capabilities in Azure

• describe Azure Network Security groups
  • Network security groups
  • Describe Azure Network Security groups
• describe Azure DDoS protection
  • Describe Azure DDoS protection
  • Azure DDoS Protection Standard overview
• describe what Azure Firewall is
  • Describe what is Azure Firewall
  • What is Azure Firewall?
• describe what Azure Bastion is
  • Describe what is Azure Bastion
  • What is Azure Bastion?
• describe what a Web Application Firewall is
  • Describe what is Web Application Firewall
  • What is Azure Web Application Firewall?
• describe ways Azure encrypts data
  • Encryption options in Azure
  • Azure encryption overview

Describe the security management capabilities of Azure

• Describe the Azure Security center
  • What is Azure Security Center?
  • Explore Azure Security center
• Describe Azure Secure score
  • Secure score in Azure Security Center
  • Explore Azure Secure score
• Describe the benefit and use cases of Azure Defender
  • Benefits & use cases of Azure Defender
  • Introduction to Microsoft Defender for servers
• Describe Cloud Security Posture Management (CSPM)
• Describe security baselines for Azure
  • Describe security baselines for Azure
    • Azure security baseline for Security Center
    • Azure security baseline for Azure Resource Manager
    • Azure security baseline for Azure Monitor
    • Azure security baseline for Azure Virtual Desktop
    • Azure security baseline for Virtual Network

Describe the security capabilities of Microsoft Sentinel

• define the concepts of SIEM, SOAR, XDR
  • Define the concepts of SIEM, SOAR, XDR
  • SIEM, SOC, SOAR, MDR, EDR & XDR Defined
• describe how of Microsoft Sentinel provides integrated threat protection
  • how Microsoft Sentinel provides integrated threat protection
  • Integrated threat protection with SIEM and XDR

Describe threat protection with Microsoft 365 Defender

• describe Microsoft 365 Defender services
  • Describe Microsoft 365 Defender services
  • Microsoft 365 Defender
• describe Microsoft Defender for Identity (formerly Azure ATP)
  • What is Microsoft Defender for Identity?
  • Describe Microsoft Defender for Identity
• describe Microsoft Defender for Office 365 (formerly Office 365 ATP)
  • Describe Microsoft Defender for Office 365
  • Microsoft Defender for Office 365 security overview
• describe Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
  • Microsoft Defender for Endpoint
  • Describe Microsoft Defender for Endpoint
• describe Microsoft Defender for Cloud Apps
  • Microsoft Defender for Cloud Apps overview
  • Describe Microsoft Defender for Cloud Apps

Describe the security management capabilities of Microsoft 365

• describe the Microsoft 365 Defender portal
  • Microsoft 365 security center overview
  • Microsoft 365 Defender Portal Now Combines Security Signals from End Points and E-Mails
• describe how to use Microsoft Secure Score
  • Microsoft Secure Score
  • how to use Microsoft Secure Score
• describe security reports and dashboards
  • Explore security reports and dashboards
  • Security dashboard in the Security & Compliance Center
• describe incidents and incident management capabilities
  • Describe incidents capabilities
  • Incident management overview

Describe endpoint security with Microsoft Intune

• describe what Intune is
  • what is Intune?
  • Microsoft Intune Overview
• describe endpoint security with Intune
  • Describe endpoint security with Intune
  • Manage endpoint security in Microsoft Intune
• describe the endpoint security with the Microsoft Endpoint Manager admin center
  • Microsoft Endpoint Manager overview
  • Walkthrough Intune in Microsoft Endpoint Manager

Describe the capabilities of Microsoft compliance solutions (25-30%)

Describe the compliance management capabilities in Microsoft

• describe the offerings of the Service Trust portal
  • Introducing the Service Trust Portal
  • Service Trust Portal offering
• describe Microsoft’s privacy principles
  • Describe Microsoft’s privacy principles
  • Microsoft Privacy principles
• describe the compliance center
  • Describe the Compliance Center
  • Microsoft 365 compliance center
• describe compliance manager
  • Describe Compliance Manager
  • Microsoft Compliance Manager
• describe the use and benefits of the compliance score
  • Understanding your compliance score
  • Use and benefits of compliance score

Describe information protection and governance capabilities of Microsoft 365

• describe data classification capabilities
  • Learn about data classification
  • Data classification capabilities in the Microsoft 365 Compliance Center
• describe the value of content and activity explorer
  • Get started with content explorer
  • Get started with activity explorer
• describe sensitivity labels
  • Learn about sensitivity labels
  • Describe sensitivity labels and policies
• describe Retention Policies and Retention Labels
  • Learn about retention policies and retention labels
  • Describe retention policies and retention labels
• describe Records Management
  • Records management in Microsoft 365
  • Describe records management
• describe Data Loss Prevention
  • Describe data loss prevention
  • Data loss prevention Overview
  • Data loss prevention in Exchange Online

Describe insider risk capabilities in Microsoft 365

• describe an Insider risk management solution
  • What is an Insider risk management solution?
  • Insider risk management in Microsoft 365
• describe communication compliance
  • What is communication compliance?
  • Communication compliance in Microsoft 365
• describe information barriers
  • Information barriers
    • Information barriers in Microsoft 365
    • Information barriers in Microsoft Teams
• describe privileged access management
  • Privileged access management
  • Privileged access management in Microsoft 365
• describe customer lockbox
  • Customer Lockbox
    • Customer Lockbox for Microsoft Azure
    • Announcing Customer Lockbox for Office 365

Describe the eDiscovery and audit capabilities of Microsoft 365

• describe the purpose of eDiscovery
  • What’s the purpose of eDiscovery?
  • eDiscovery solutions in Microsoft 365
• describe the capabilities of the content search tool
  • Create a content search
  • Capabilities of the content search tool
• describe the core eDiscovery workflow
  • Explore the Core eDiscovery workflow
  • What is the core eDiscovery workflow?
• describe the advanced eDiscovery workflow
  • Advanced eDiscovery workflow
  • Overview of Microsoft 365 Advanced eDiscovery
• describe the core audit capabilities of M365
  • What are the core audit capabilities of Microsoft 365?
• describe the purpose and value of Advanced Auditing
  • Advanced Audit in Microsoft 365
  • The purpose and value of Advanced Auditing

Describe resource governance capabilities in Azure

• describe the use of Azure Resource locks
  • Azure Resource Manager locks
  • Lock resources to prevent unexpected changes
• describe what Azure Blueprints is
  • What is Azure Blueprints?
  • Use of Azure Blueprints
• define Azure Policy and describe its use cases
  • Azure Policy
  • What is Azure Policy?

SC 900 Exam Retake Policy

The SC-900 exam retake policy is as follows:

1. If a candidate fails on the first attempt, they must wait for 24 hours before retaking the exam.

2. If a candidate again fails on the second attempt, then the candidate will have to wait for 14 days.

Conclusion

I hope you liked the SC-900 Exam Study Guide and that it will help you prepare for the exam. Have I missed any of the links or do you have any recommended SC-900 exam study resources?

Please let me know in the comment section.

Related/References

• AZ-900: Azure Fundamentals Certification Study Guide
• AI-900: Azure AI Fundamentals Certification Study Guide
• DP-900: Azure Data Fundamentals Certification Study Guide
• Azure Durable Functions
• What is Microsoft Azure Recovery Services Vault?
• Introduction to Microsoft Azure Blueprints
• What is Azure ExpressRoute?