SC-900: Microsoft Security, Compliance, and Identity Fundamentals Exam Resource Guide (April 2024 Update)

Later this month SC-900 exam receives a minor update, with the introduction of Microsoft Defender XDR into the objectives, replacing Microsoft 365 Defender. This shouldn’t impact any of the existing preparation you may have undertaken, but does give some insight into some of the changes we may see in future exam updates.

If you work with Azure and Microsoft 365 security and compliance capabilities, this should be a straightforward exam for you. If you only focus on the security or compliance capabilities, or only Azure or Microsoft 365, make sure you focus your preparation on the areas that you are least familiar with.

The final note for this exam that I’ve received feedback on is that for many people who are familiar with Microsoft 365 and Azure, but not necessarily the security and compliance components, is that the wording/language used may not what they are used to. I guess you could view this is it being industry terminology that is being used, rather than Microsoft speak, so make sure that you don’t skip past any unusual wording in your preparation.

Describe the Concepts of Security, Compliance, and Identity (10-15%)

Describe security and compliance concepts

• Describe the shared responsibility model
  • Shared responsibility in the cloud
• Define defense in depth
  • Describe defense in depth
• Describe the Zero-Trust model
  • Zero Trust introduction
• Describe encryption and hashing
  • Encryption in Microsoft 365
  • Azure encryption overview
• Describe Governance, Risk, and Compliance (GRC) concepts
  • Describe the capabilities of Microsoft compliance solutions

Describe identity concepts

• Define identity as the primary security perimeter
  • Azure identity management security overview
• Define authentication
  • Authentication vs. authorization
  • Choose Microsoft Entra authentication
• Define authorization
  • Authentication vs. authorization
• Describe identity providers
  • Identity providers for External Identities
• Describe the concept of directory services and Active Directory
  • Active Directory Domain Services Overview
• Describe the concept of federation
  • What is federation?

Describe the capabilities of Microsoft Entra ID (25-30%)

Describe function and identity types of Microsoft Entra ID

• Describe Microsoft Entra ID
  • What is Describe Microsoft Entra ID?
• Describe types of identities
  • Manage access with groups
  • Securing service principals
  • What is a device identity?
  • Add guest users
• Describe hybrid identity
  • What is hybrid identity with Microsoft Entra ID ?

Describe authentication capabilities of Microsoft Entra ID 

• Describe the authentication methods
  • What is password hash synchronization?
  • What is pass-through authentication?
  • What is Seamless Single Sign On?
  • What is federation?
• Describe multi-factor authentication (MFA)
  • How MFA works
• Describe password protection and management capabilities
  • Eliminate weak passwords in the cloud
  • Eliminate weak passwords on-premises

Describe access management capabilities of Microsoft Entra ID

• Describe Conditional Access
  • Create and assign conditional access policy
  • Common ways to use conditional access
• Describe Microsoft Entra roles and role-based access control (RBAC)
  • Understand the different roles
  • What is RBAC?

Describe identity protection and governance capabilities of Microsoft Entra

• Describe Microsoft Entra ID Governance
  • Identity Governance 
• Describe access reviews
  • What are access reviews?
  • Create an access review of Microsoft Entra roles in Privileged Identity Management 
• Describe the capabilities of Microsoft Entra ID Privileged Identity Management
  • What is Privileged Identity Management?
• Describe Microsoft Entra ID Protection
  • What is Microsoft Entra ID Protection?
  • Configure the user risk policy
  • Configure the sign-in risk policy
• Describe Microsoft Entra Permissions Management
  • What’s Microsoft Entra Permissions Management?

Describe the capabilities of Microsoft Security Solutions (35-40%)

Describe core infrastructure security services in Azure

• Describe Azure distributed denial-of-service (DDoS) Protection
  • Azure DDoS Protection Standard overview
• Describe Azure Firewall
  • Tutorial: Deploy and configure Azure Firewall using the Azure portal
  • Tutorial: Deploy and configure Azure Firewall in a hybrid network using the Azure portal
• Describe Web Application Firewall (WAF)
  • What is Azure Web Application Firewall?
• Describe network segmentation with Azure virtual networks
  • Virtual Network Segmentation
• Describe network security groups (NSGs)
  • Network security groups 
• Describe Azure Bastion
  • Quickstart: Connect to a virtual machine using a private IP address and Azure Bastion
• Describe Azure Key Vault
  • About Azure Key Vault

Describe security management capabilities of Azure

• Describe Microsoft Defender for Cloud
  • What is Microsoft Defender for Cloud?
• Describe Cloud security posture management (CSPM)
  • Cloud Security Posture Management (CSPM)
• Describe how security policies and initiatives improve the cloud security posture
  • Policies, initiatives, and recommendations
  • Secure score and security controls
  • Reference list of recommendations
  • Security baseline
• Describe enhanced security features provided by cloud workload protection
  • What is Microsoft Defender for Cloud?

Describe capabilities of Microsoft Sentinel

• Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)
  • Define the concepts of SIEM, SOAR, XDR
• Describe threat detection and mitigation capabilities in Microsoft Sentinel
  • Hunt for threats with Microsoft Sentinel

Describe threat protection with Microsoft 365 Defender XDR

• Describe Microsoft 365 Defender services
  • What is Microsoft 365 Defender?
• Describe Microsoft Defender for Office 365
  • What is Defender for Office 365?
• Describe Microsoft Defender for Endpoint
  • What is Microsoft Defender for Endpoint?
• Describe Microsoft Defender for Cloud Apps
  • What is Microsoft Defender for Cloud Apps?
• Describe Microsoft Defender for Identity
  • What is Microsoft Defender for Identity?
• Describe Microsoft Defender Vulnerability Management
  • What is Microsoft Defender Vulnerability Management
• Describe Microsoft Defender Threat Intelligence (Defender TI)
  • What is Microsoft Defender Threat Intelligence (Defender TI)?
• Describe the Microsoft 365 Defender portal
  • The Microsoft 365 Defender portal

Describe the Capabilities of Microsoft Compliance Solutions (20-25%)

Describe Microsoft Service Trust Portal and privacy principles

• Describe the Service Trust Portal offerings
  • Microsoft Privacy Principles
• Describe the privacy principles of Microsoft
  • Microsoft privacy
• Describe Microsoft Priva
  • Learn about Microsoft Priva

Describe compliance management capabilities of Microsoft Purview

• Describe the Microsoft Purview compliance portal
  • Microsoft 365 compliance center
• Describe Compliance Manager
  • Compliance Manager
• Describe the uses and benefits of compliance score
  • How your compliance score is calculated

Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview

• Describe the data classification capabilities
  • Understand data classification
• Describe the benefits of Content explorer and Activity explorer
  • Get started with content explorer
  • Get started with activity explorer
• Describe sensitivity labels and sensitivity label policies
  • Learn about sensitivity labels
• Describe data loss prevention (DLP)
  • Learn about data loss prevention
• Describe records management
  • Learn about records management
• Describe retention policies, retention labels, and retention label policies
  • Retention policies and labels
• Describe unified data governance solutions in Microsoft Purview
  • What is Microsoft Purview?

DDescribe insider risk, eDiscovery, and audit capabilities in Microsoft Purview

• Describe insider risk management
  • Insider risk management
  • Communication compliance in Microsoft 365
  • Information barriers
• Describe eDiscovery solutions in Microsoft Purview
  • Microsoft Purview eDiscovery solutions
• Describe audit solutions in Microsoft Purview
  • Microsoft Purview auditing solutions

Check out my other exam reference guides here.