Preparing for the SC-900: Microsoft Security, Compliance, and Identity Fundamentals exam (January 2022 Update)

A pretty minor update for SC-900 goes live later this month, the changes mostly being naming changes with Microsoft Defender for Cloud and Microsoft Sentinel. If you work across Azure and Microsoft 365 security and compliance capabilities, this should be a pretty straight forward exam for you. If you only focus on the security and compliance capabilities of one of them, just make sure you focus your preparation on the areas that you are least familiar with.

Describe the Concepts of Security, Compliance, and Identity (10-15%)

Describe security and compliance concepts & methodologies

• describe the Zero-Trust methodology
  • Zero Trust introduction
• describe the shared responsibility model
  • Shared responsibility in the cloud
• define defense in depth
  • Describe defense in depth
• describe common threats
  • Describe common threats
• describe encryption and hashing
  • Encryption in Microsoft 365
  • Azure encryption overview
• describe cloud adoption framework
  • What is the Microsoft Cloud Adoption Framework for Azure?

Describe identity concepts

• define identity as the primary security perimeter
  • Azure identity management security overview
• define authentication
  • Authentication vs. authorization
  • Choose Azure AD authentication
• define authorization
  • Authentication vs. authorization
• describe what identity providers are
  • Identity providers for External Identities
• describe what Active Directory is
  • Active Directory Domain Services Overview
• describe the concept of Federated services
  • What is federation?
• define common Identity Attacks
  • What are risks?

Describe the capabilities of Microsoft Identity and Access Management Solutions (30-35%)

Describe the basic identity services and identity types of Azure AD

• describe what Azure Active Directory is
  • What is Azure Active Directory?
• describe Azure AD identity types (users, devices, groups, service principals/applications)
  • Manage access with groups
  • Securing service principals
  • What is a device identity?
• describe what hybrid identity is
  • What is hybrid identity with Azure Active Directory?
• describe the different external identity types (Guest Users)
  • Add guest users

Describe the authentication capabilities of Azure AD 

• describe the different authentication methods
  • What is password hash synchronization?
  • What is pass-through authentication?
  • What is Seamless Single Sign On?
  • What is federation?
• describe self-service password reset
  • Deploy self-service password reset
  • How it works: Azure AD self-service password reset
• describe password protection and management capabilities
  • Eliminate weak passwords in the cloud
  • Eliminate weak passwords on-premises
• describe Multi-factor Authentication
  • How MFA works
• describe Windows Hello for Business
  • Windows Hello for Business

Describe access management capabilities of Azure AD

• describe what conditional access is
  • Create and assign conditional access policy
• describe uses and benefits of conditional access
  • Common ways to use conditional access
• describe the benefits of Azure AD roles
  • What is RBAC?

Describe the identity protection & governance capabilities of Azure AD

• describe what identity governance is
  • Identity Governance 
• describe what entitlement management and access reviews is
  • What is Azure AD entitlement management?
  • Create an access review of Azure AD roles in Privileged Identity Management 
• describe the capabilities of PIM
  • What is Azure PIM?
• describe Azure AD Identity Protection
  • What is Azure Active Directory Identity Protection?
  • Configure the user risk policy
  • Configure the sign-in risk policy

Describe the capabilities of Microsoft Security Solutions (35-40%)

Describe basic security capabilities in Azure

• describe Azure Network Security groups
  • Network security groups  
• describe Azure DDoS protection
  • Azure DDoS Protection Standard overview
• describe what Azure Firewall is
  • Tutorial: Deploy and configure Azure Firewall using the Azure portal
  • Tutorial: Deploy and configure Azure Firewall in a hybrid network using the Azure portal
• describe what Azure Bastion is
  • Quickstart: Connect to a virtual machine using a private IP address and Azure Bastion
• describe what Web Application Firewall is
  • Azure Web Application Firewall on Azure Application Gateway
• describe ways Azure encrypts data
  • Data security and encryption

Describe security management capabilities of Azure

• describe Cloud security posture management (CSPM)
  • Policies, initiatives, and recommendations
  • Secure score and security controls
  • Reference list of recommendations
• describe Microsoft Defender for Cloud
  • What is Microsoft Defender for Cloud?
• describe Azure Secure score in Microsoft Defender for Cloud
  • Secure score and security controls
• describe the enhanced security of Microsoft Defender for Cloud
  • What is Microsoft Defender for Cloud?
• describe security baselines for Azure
  • Security baseline

Describe security capabilities of MicrosoftSentinel

• define the concepts of SIEM, SOAR, XDR
  • Define the concepts of SIEM, SOAR, XDR
• describe how Microsoft Sentinel to provides integrated threat protection
  • What is Azure Sentinel

Describe threat protection with Microsoft 365 Defender

• describe Microsoft 365 Defender services
  • What is Microsoft 365 Defender?
• describe Microsoft Defender for Identity (formerly Azure ATP)
  • What is Microsoft Defender for Identity?
• describe Microsoft Defender for Office 365 (formerly Office 365 ATP)
  • What is Defender for Office 365?
• describe Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
  • What is Microsoft Defender for Endpoint?
• describe Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security)
  • What is Microsoft Defender for Cloud Apps?

Describe security management capabilities of Microsoft 365 

• describe the Microsoft 365 Defender portal
  • Microsoft 365 security center
• describe how to use Microsoft Secure Score
  • Track your score history and meet goals
• describe security reports and dashboards
  • Assess your security posture
• describe incidents and incident management capabilities
  • Manage incidents

Describe endpoint security with Microsoft Intune

• describe what Intune is
  • Microsoft Intune overview

• describe endpoint security with Intune
  • Protect devices and data
• describe the endpoint security with the Microsoft Endpoint Manager admin center
  • Endpoint security

Describe the Capabilities of Microsoft Compliance Solutions (25-30%)

Describe the compliance management capabilities in Microsoft

• describe Microsoft’s privacy principles
  • Microsoft privacy
• describe the offerings of the service trust portal
  • Microsoft Privacy Principles
• describe the compliance center
  • Microsoft 365 compliance center
• describe compliance manager
  • Compliance Manager
• describe use and benefits of compliance score
  • How your compliance score is calculated

Describe information protection and governance capabilities of Microsoft 365

• describe data classification capabilities
  • Understand data classification
• describe the value of content and activity explorer
  • Get started with content explorer
  • Get started with activity explorer
• describe sensitivity labels
  • Learn about sensitivity labels
• describe Retention Polices and Retention Labels
  • Retention policies and labels
• describe Records Management
  • Learn about records management
• describe Data Loss Prevention
  • Learn about data loss prevention

Describe insider risk capabilities in Microsoft 365

• describe Insider risk management solution
  • Insider risk management
• describe communication compliance
  • Communication compliance in Microsoft 365
• describe information barriers
  • Information barriers
• describe privileged access management
  • Privileged Access Management Overview
• describe customer lockbox
  • Customer Lockbox Requests

Describe the eDiscovery and audit capabilities of Microsoft 365

• describe the purpose of eDiscovery
  • Get Started With Core eDiscovery
• describe the capabilities of the content search tool
  • Use Content Search
• describe the core eDiscovery workflow
  • Assign eDiscovery permissions
• describe the advanced eDiscovery workflow
  • Set up Advanced eDiscovery
• describe the core audit capabilities of M365
  • Search the audit log in the compliance center
• describe purpose and value of Advanced Auditing
  • Advanced Audit in Microsoft 365

Describe resource governance capabilities in Azure

• describe the use of Azure Resource locks
  • Lock resources to prevent unexpected changes
• describe what Azure Blueprints is
  • What is Azure Blueprint?
• define Azure Policy and describe its use cases
  • Tutorial: Create and manage policies to enforce compliance

Check out my other exam reference guides here.