In this post, we will discuss with you how to prepare and pass the Microsoft Azure SC-900 Exam (Azure Security, Compliance, and Identity Fundamentals) successfully.
The topics covered in this blog are:
- What is SC-900 Exam?
- Who Can Do This Certification?
- Benefits of SC-900 Certification
- SC-900 Exam Details
- SC-900 Exam Skills Measured
- How to Register for Azure SC 900 Exam
- Pre-requisites for SC-900 Certification
- SC 900 Study Guide
- SC 900 Exam Retake Policy
- Conclusion
What Is the SC-900 Exam?
The SC-900 Certification (Security, Compliance, and Identity Fundamentals) is designed for people who want to become familiar with the fundamentals of SCI across cloud-based and related Microsoft services. it is developed for a broad audience that may include business stakeholders, fresher IT students, and existing IT professionals that have an interest in Microsoft SCI (Security, Compliance, and Identity) Solutions.
- Security, compliance, and identity
- Microsoft identity and access management solutions
- Microsoft security solutions
- Microsoft compliance solutions
Are you a beginner in the Azure cloud? Do check out our blog post on the Azure Certification Path and choose the best certification for you.
Who Can Do This Certification?
The SC-900 test is designed for three types of people. They are as follows:
- Shareholders of a business.
- New or present IT professionals.
- Students who are interested in security, compliance, and identity solutions.
Benefits of SC-900 Certification
- This certification serves as a starting point for anyone interested in learning more about Microsoft security.
- It helps you understand all the different options available with Microsoft365 and Azure in terms of security
- It will be crucial if you wish to shift from traditional to cloud security
- As a manager, it may help you communicate more effectively with your customers and team.
- You’d be able to collaborate with Security solutions architects and Security operations analysts to keep the company’s security posture up to date.
Also Check: Azure Data Factory Interview Questions
SC-900 Exam Details
Exam Name Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals Exam Duration 180 Minutes Exam Fee $99 Number of Questions 110 Questions Exam Type Multiple Choice Examination Exam Languages English, Japanese, Korean, Spanish, and Portuguese Passing Marks 700 Exam validity Lifetime
SC-900 Exam Skills Measured
Describe the concepts of security, compliance, and identity 10-15% Describe the capabilities of Microsoft identity and access management solutions 30-35% Describe the capabilities of Microsoft security solutions 35-40% Describe the capabilities of Microsoft compliance solutions 25-30%
How to Register for Azure SC 900 Exam
Registering for an SC-900 exam is very easy. you can easily register for this exam by clicking on this link and you can schedule a time and date to give the exam.
Pre-requisites for SC-900 Certification
Freshers or experienced professionals trying SC-900 Exam must have general knowledge and necessary experience in the IT environment. They should also have a basic grasp of Microsoft365 and Azure Services.
SC 900 Study Guide
Describe the Concepts of Security, Compliance, and Identity (5-10%)
Describe security and compliance concepts & methodologies
- describe the Zero-Trust methodology
- describe the shared responsibility model
- define defense in depth
- describe common threats
- describe encryption and hashing
- describe cloud adoption framework
Define identity concepts
- define identity as the primary security perimeter
- define authentication
- define authorization
- describe what identity providers are
- describe what Active Directory is
- describe the concept of Federated services
- define common Identity Attacks
Describe the capabilities of Microsoft Identity and Access Management Solutions (25-30%)
Describe the basic identity services and identity types of Azure AD
- describe what Azure Active Directory
- describe Azure AD identity types (users, devices, groups, service principals/applications)
- describe what hybrid identity is
- describe the different external identity types (Guest Users)
Describe the authentication capabilities of Azure AD
- describe the different authentication methods
- describe self-service password reset
- describe password protection and management capabilities
- describe Multi-factor Authentication
- describe Windows Hello for Business
Describe access management capabilities of Azure AD
- describe what conditional access is
- describe uses and benefits of conditional access
- describe the benefits of Azure AD roles
Describe the identity protection & governance capabilities of Azure AD
- describe what identity governance is
- describe what entitlement management and access reviews is
- describe the capabilities of PIM
- describe Azure AD Identity Protection
Describe the capabilities of Microsoft Security solutions (30-35%)
Describe basic security capabilities in Azure
- describe Azure Network Security groups
- describe Azure DDoS protection
- describe what Azure Firewall is
- describe what Azure Bastion is
- describe what a Web Application Firewall is
- describe ways Azure encrypts data
Describe the security management capabilities of Azure
- Describe the Azure Security center
- Describe Azure Secure score
- Describe the benefit and use cases of Azure Defender
- Describe Cloud Security Posture Management (CSPM)
- Describe security baselines for Azure
Describe the security capabilities of Microsoft Sentinel
- define the concepts of SIEM, SOAR, XDR
- describe how of Microsoft Sentinel provides integrated threat protection
Describe threat protection with Microsoft 365 Defender
- describe Microsoft 365 Defender services
- describe Microsoft Defender for Identity (formerly Azure ATP)
- describe Microsoft Defender for Office 365 (formerly Office 365 ATP)
- describe Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
- describe Microsoft Defender for Cloud Apps
Describe the security management capabilities of Microsoft 365
- describe the Microsoft 365 Defender portal
- describe how to use Microsoft Secure Score
- describe security reports and dashboards
- describe incidents and incident management capabilities
Describe endpoint security with Microsoft Intune
- describe what Intune is
- describe endpoint security with Intune
- describe the endpoint security with the Microsoft Endpoint Manager admin center
Describe the capabilities of Microsoft compliance solutions (25-30%)
Describe the compliance management capabilities in Microsoft
- describe the offerings of the Service Trust portal
- describe Microsoft’s privacy principles
- describe the compliance center
- describe compliance manager
- describe the use and benefits of the compliance score
Describe information protection and governance capabilities of Microsoft 365
- describe data classification capabilities
- describe the value of content and activity explorer
- describe sensitivity labels
- describe Retention Policies and Retention Labels
- describe Records Management
- describe Data Loss Prevention
Describe insider risk capabilities in Microsoft 365
- describe an Insider risk management solution
- describe communication compliance
- describe information barriers
- describe privileged access management
- describe customer lockbox
Describe the eDiscovery and audit capabilities of Microsoft 365
- describe the purpose of eDiscovery
- describe the capabilities of the content search tool
- describe the core eDiscovery workflow
- describe the advanced eDiscovery workflow
- describe the core audit capabilities of M365
- describe the purpose and value of Advanced Auditing
Describe resource governance capabilities in Azure
- describe the use of Azure Resource locks
- describe what Azure Blueprints is
- define Azure Policy and describe its use cases
SC 900 Exam Retake Policy
The SC-900 exam retake policy is as follows:
- If a candidate fails on the first attempt, they must wait for 24 hours before retaking the exam.
- If a candidate again fails on the second attempt, then the candidate will have to wait for 14 days.
Conclusion
I hope you liked the SC-900 Exam Study Guide and that it will help you prepare for the exam. Have I missed any of the links or do you have any recommended SC-900 exam study resources?
Please let me know in the comment section.
Related/References
- SC-900: Microsoft Security Fundamentals Study Guide PDF
- AZ-900: Azure Fundamentals Certification Study Guide
- AI-900: Azure AI Fundamentals Certification Study Guide
- DP-900: Azure Data Fundamentals Certification Study Guide
- Azure Durable Functions
- What is Microsoft Azure Recovery Services Vault?
- Introduction to Microsoft Azure Blueprints
- What is Azure ExpressRoute?