1. Describe the capabilities of Microsoft Identity and Access Management Solutions (25-30%)
1.1. Define identity principles/concepts
1.1.1. Identity as the primary security perimeter
1.1.2. Authentication
1.1.3. Authorization
1.1.4. What are identity providers?
1.1.5. What is Active Directory?
1.1.6. Concept of Federated services
1.1.7. Common Identity Attacks
1.2. Describe the basic identity services and identity types of Azure AD
1.2.1. What is Azure Active Directory?
1.2.2. Azure AD identities
1.2.2.1. Users
1.2.2.2. Devices
1.2.2.3. Groups
1.2.2.4. Service Principals/Applications
1.2.3. What is hybrid identity?
1.2.4. The different external identity types
1.2.4.1. Guest Users
1.3. Describe the authentication capabilities of Azure AD
1.3.1. The different authentication methods
1.3.2. Self-service password reset
1.3.3. Password protection and management capabilities
1.3.4. Multi-factor Authentication
1.3.5. Windows Hello for Business
1.4. Describe access management capabilities of Azure AD
1.4.1. What is conditional access?
1.4.2. Uses and benefits of conditional access
1.4.3. The benefits of Azure AD roles
1.5. Describe the identity protection & governance capabilities of Azure AD
1.5.1. What is identity governance?
1.5.2. What is entitlement management and access reviews?
1.5.3. The capabilities of PIM
1.5.4. Azure AD Identity Protection
2. Describe the Concepts of Security, Compliance, and Identity (5-10%)
2.1. Describe security methodologies
2.1.1. The Zero-Trust Methodology
2.1.2. The shared responsibility model
2.1.3. Defense in depth
2.2. Describe security concepts
2.2.1. Common threats
2.2.2. Encryption
2.3. Describe Microsoft Security and compliance principles
2.3.1. Microsoft's privacy principles
2.3.2. The offerings of the service trust portal
3. Integrated Threat Protection
3.1. Collect
3.1.1. data at cloud scale across all users, devices and infrastructure, both on premises and in multiple clouds
3.2. Detect
3.2.1. previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence
3.3. Investigate
3.3.1. threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
3.4. Respond
3.4.1. to incidents rapidly with built-in orchestration and automation of common security tasks.
4. Describe the capabilities of Microsoft Security Solutions (30-35%)
4.1. Describe basic security capabilities in Azure
4.1.1. Azure Network Security groups
4.1.2. Azure DDoS protection
4.1.3. What is Azure Firewall?
4.1.4. What is Azure Bastion?
4.1.5. What is Web Application Firewall?
4.1.6. Describe ways Azure encrypts data
4.2. Describe security management capabilities of Azure
4.2.1. Azure Security Center
4.2.2. Azure Security Score
4.2.3. The benefit and use cases of Azure Defender - previously the cloud workload protection platform (CWPP)
4.2.4. Cloud security posture management (CSPM)
4.2.5. Security baselines for Azure
4.3. Describe security capabilities of Azure Sentinel
4.3.1. The concepts of
4.3.1.1. SIEM (Security Information and Event Management)
4.3.1.2. SOAR (Security Orchestration, Automation and Response)
4.3.1.3. XDR (Extended detection and response)
4.3.2. The role and value of Azure Sentinel to provide integrated threat protection
4.4. Describe threat protection with Microsoft 365 Defender (formerly Microsoft Threat Protection)
4.4.1. Microsoft 365 Defender services
4.4.2. Microsoft Defender for Identity (formerly Azure ATP)
4.4.3. Microsoft Defender for Office 365 (formerly Office 365 ATP)
4.4.4. Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
4.4.5. Microsoft Cloud App Security
4.5. Describe security management capabilities of Microsoft 365
4.5.1. Microsoft 365 Security Center
4.5.2. Describe how to use Microsoft Secure Score
4.5.3. Security reports and dashboards
4.5.4. Incidents and incident management capabilities
4.6. Describe endpoint security with Microsoft Intune
4.6.1. What is Intune?
4.6.2. Endpoint security with Intune
4.6.3. The endpoint security with the Microsoft Endpoint Manager admin Center
5. Describe the Capabilities of Microsoft Compliance Solutions (25-30%)
5.1. Describe the compliance management capabilities in Microsoft
5.1.1. Compliance Center
5.1.2. Compliance Manager
5.1.3. Use and benefits of compliance score
5.2. Describe information protection and governance capabilities of Microsoft 365
5.2.1. Data classification capabilities
5.2.2. The value of content and activity explorer
5.2.3. Sensitivity labels
5.2.4. Retention Policies and Retention Labels
5.2.5. Records Management
5.2.6. Data Loss Prevention
5.3. Describe insider risk capabilities in Microsoft 365
5.3.1. Insider risk management solution
5.3.2. Communication compliance
5.3.3. Information barriers
5.3.4. Privileged access management
5.3.5. Customer lockbox
5.4. Describe the eDiscovery capabilities of Microsoft 365
5.4.1. The purpose of eDiscovery
5.4.2. The capabilities of the content search tool
5.4.3. The core eDiscovery workflow
5.4.4. The advanced eDiscovery workflow
5.5. Describe the audit capabilities in Microsoft 365
5.5.1. The core audit capabilities of M365
5.5.2. Purpose and value of Advanced Auditing
5.6. Describe resource governance capabilities in Azure
5.6.1. The use of Azure Resource locks
5.6.2. What is Azure Blueprints?
5.6.3. Define Azure Policy and describe its use cases
5.6.4. Cloud adoption framework