SC-900: Microsoft Security, Compliance, and Identity Fundamentals Exam Resource Guide (February 2023 Update)

In early February the SC-900 exam will be updated with minor changes. This time round the changes are just minor corrections or clarifications of items. Considering that the exam was updated a few months ago it would be surprising if this was a major update.

If you work with Azure and Microsoft 365 security and compliance capabilities, now falling under the Microsoft Purview branding, this should be a pretty straight forward exam for you. If you only focus on the security or compliance capabilities, or only Azure or Microsoft 365, make sure you focus your preparation on the areas that you are least familiar with.

The final note for this exam that I’ve received feedback on is that for many people who are familiar with Microsoft 365 and Azure, but not necessarily the security and compliance components, is that the wording/language used may not what they are used to. I guess you could view this is it being industry terminology that is being used, rather than Microsoft speak, so make sure that you don’t skip past any unusual wording in your preparation.

Describe the Concepts of Security, Compliance, and Identity (10-15%)

Describe security and compliance concepts

• describe the shared responsibility model
  • Shared responsibility in the cloud
• define defense in depth
  • Describe defense in depth
• describe the Zero-Trust methodology
  • Zero Trust introduction
• describe encryption and hashing
  • Encryption in Microsoft 365
  • Azure encryption overview
• describe compliance concepts
  • Describe the capabilities of Microsoft compliance solutions

Describe identity concepts

• define identity as the primary security perimeter
  • Azure identity management security overview
• define authentication
  • Authentication vs. authorization
  • Choose Azure AD authentication
• define authorization
  • Authentication vs. authorization
• describe identity providers
  • Identity providers for External Identities
• describe Active Directory
  • What is Azure Active Directory?
• describe the concept of Federation
  • What is federation?

Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra (25-30%)

Describe the basic identity services and identity types of Azure AD

• describe Azure Active Directory
  • What is Azure Active Directory?
• describe Azure AD identities
  • Manage access with groups
  • Securing service principals
  • What is a device identity?
• describe hybrid identity
  • What is hybrid identity with Azure Active Directory?
• describe the different external identity types
  • Add guest users

Describe the authentication capabilities of Azure AD 

• describe the authentication methods available in Azure AD
  • What is password hash synchronization?
  • What is pass-through authentication?
  • What is Seamless Single Sign On?
  • What is federation?
• describe Multi-factor Authentication
  • How MFA works
• describe self-service password reset
  • Deploy self-service password reset
  • How it works: Azure AD self-service password reset
• describe password protection and management capabilities available in Azure AD
  • Eliminate weak passwords in the cloud
  • Eliminate weak passwords on-premises

Describe access management capabilities of Azure AD

• describe conditional access
  • Create and assign conditional access policy
  • Common ways to use conditional access
• describe the benefits of Azure AD roles
  • Understand the different roles
• describe the benefits of Azure AD role-based access control
  • What is RBAC?

Describe the identity protection & governance capabilities of Azure AD

• describe identity governance in Azure AD
  • Identity Governance 
• describe entitlement management and access reviews
  • What is Azure AD entitlement management?
  • What are access reviews?
  • Create an access review of Azure AD roles in Privileged Identity Management 
• describe the capabilities ofAzure AD Privileged Identity Management (PIM)
  • What is Azure PIM?
• describe Azure AD Identity Protection
  • What is Azure Active Directory Identity Protection?
  • Configure the user risk policy
  • Configure the sign-in risk policy

Describe the capabilities of Microsoft Security Solutions (25-30%)

Describe basic security capabilities in Azure

• describe Azure DDoS protection
  • Azure DDoS Protection Standard overview
• describe Azure Firewall
  • Tutorial: Deploy and configure Azure Firewall using the Azure portal
  • Tutorial: Deploy and configure Azure Firewall in a hybrid network using the Azure portal
• describe Web Application Firewall
  • What is Azure Web Application Firewall?
• describe Network Segmentation with Azure Virtual Networks
  • Virtual Network Segmentation
• describe Azure Network Security groups
  • Network security groups 
• describe Azure Bastion and JIT Access
  • Quickstart: Connect to a virtual machine using a private IP address and Azure Bastion
  • Overview of just-in-time VM access
• describe ways Azure encrypts data
  • Data security and encryption

Describe security management capabilities of Azure

• describe Cloud security posture management (CSPM)
  • Policies, initiatives, and recommendations
  • Secure score and security controls
  • Reference list of recommendations
• describe Microsoft Defender for Cloud
  • What is Microsoft Defender for Cloud?
• describe the enhanced security features of Microsoft Defender for Cloud
  • What is Microsoft Defender for Cloud?
• describe security baselines for Azure
  • Security baseline

Describe security capabilities of Microsoft Sentinel

• define the concepts of SIEM and SOAR
  • Define the concepts of SIEM, SOAR, XDR
• describe how Microsoft Sentinel provides integrated threat protection
  • What is Microsoft Sentinel?

Describe threat protection with Microsoft 365 Defender

• describe Microsoft 365 Defender services
  • What is Microsoft 365 Defender?
• describe Microsoft Defender for Identity
  • What is Microsoft Defender for Identity?
• describe Microsoft Defender for Office 365
  • What is Defender for Office 365?
• describe Microsoft Defender for Endpoint
  • What is Microsoft Defender for Endpoint?
• describe Microsoft Defender for Cloud Apps
  • What is Microsoft Defender for Cloud Apps?
• describe the Microsoft 365 Defender portal
  • The Microsoft 365 Defender portal

Describe the Capabilities of Microsoft Compliance Solutions (25-30%)

Describe Microsoft’s Service Trust Portal and privacy principles

• describe the offerings of the service trust portal
  • Microsoft Privacy Principles
• describe Microsoft’s privacy principles
  • Microsoft privacy

Describe the compliance management capabilities of Microsoft Purview

• describe the Microsoft Purview compliance portal
  • Microsoft 365 compliance center
• describe compliance manager
  • Compliance Manager
• describe the use and benefits of compliance score
  • How your compliance score is calculated

Describe information protection and governance capabilities of Microsoft Purview

• describe data classification capabilities
  • Understand data classification
• describe the value of content and activity explorer
  • Get started with content explorer
  • Get started with activity explorer
• describe sensitivity labels
  • Learn about sensitivity labels
• describe Data Loss Prevention
  • Learn about data loss prevention
• describe Records Management
  • Learn about records management
• describe Retention Polices and Retention Labels
  • Retention policies and labels

Describe insider risk capabilities in Microsoft Purview

• describe Insider risk management
  • Insider risk management
• describe communication compliance
  • Communication compliance in Microsoft 365
• describe information barriers
  • Information barriers

Describe resource governance capabilities in Azure

• Describe Azure Policy
  • Tutorial: Create and manage policies to enforce compliance
• describe Azure Blueprint
  • What is Azure Blueprint?
• describe Azure Purview
  • What is Microsoft Purview?

Check out my other exam reference guides here.