IT & Software

SC-900: Security, Compliance, and Identity – May 2025

abdulrhmansayed
By abdulrhmansayed Add a Comment


Contents
What You’ll Learn RequirementsDescription Who this course is for:

What
You’ll Learn

  • Describe the concepts of security
  • compliance
  • and identity
  • Describe the capabilities of Microsoft Entra
  • Describe the capabilities of Microsoft security solutions
  • Describe the capabilities of Microsoft compliance solutions

Requirements

  • This exam is targeted to you
  • if you’re looking to familiarize yourself with the fundamentals of security
  • compliance
  • and identity (SCI) across cloud-based and related Microsoft services.

Description

Skills at a glance

  • Describe the concepts of security, compliance, and identity (10–15%)

  • Describe the capabilities of Microsoft Entra (25–30%)

  • Describe the capabilities of Microsoft security solutions (35–40%)

  • Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe the concepts of security, compliance, and identity (10–15%)

Describe security and compliance concepts

  • Describe the shared responsibility model

  • Describe defense-in-depth

  • Describe the Zero Trust model

  • Describe encryption and hashing

  • Describe Governance, Risk, and Compliance (GRC) concepts

Define identity concepts

  • Define identity as the primary security perimeter

  • Define authentication

  • Define authorization

  • Describe identity providers

  • Describe the concept of directory services and Active Directory

  • Describe the concept of federation

Describe the capabilities of Microsoft Entra (25–30%)

Describe function and identity types of Microsoft Entra ID

  • Describe Microsoft Entra ID

  • Describe types of identities

  • Describe hybrid identity

Describe authentication capabilities of Microsoft Entra ID

  • Describe the authentication methods

  • Describe multi-factor authentication (MFA)

  • Describe password protection and management capabilities

Describe access management capabilities of Microsoft Entra ID

  • Describe Conditional Access

  • Describe Microsoft Entra roles and role-based access control (RBAC)

Describe identity protection and governance capabilities of Microsoft Entra

  • Describe Microsoft Entra ID Governance

  • Describe access reviews

  • Describe the capabilities of Microsoft Entra Privileged Identity Management

  • Describe Microsoft Entra ID Protection

  • Describe Microsoft Entra Permissions Management

Describe the capabilities of Microsoft security solutions (35–40%)

Describe core infrastructure security services in Azure

  • Describe Azure distributed denial-of-service (DDoS) Protection

  • Describe Azure Firewall

  • Describe Web Application Firewall (WAF)

  • Describe network segmentation with Azure virtual networks

  • Describe network security groups (NSGs)

  • Describe Azure Bastion

  • Describe Azure Key Vault

Describe security management capabilities of Azure

  • Describe Microsoft Defender for Cloud

  • Describe Cloud Security Posture Management (CSPM)

  • Describe how security policies and initiatives improve the cloud security posture

  • Describe enhanced security features provided by cloud workload protection

Describe capabilities of Microsoft Sentinel

  • Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)

  • Describe threat detection and mitigation capabilities in Microsoft Sentinel

Describe threat protection with Microsoft Defender XDR

  • Describe Microsoft Defender XDR services

  • Describe Microsoft Defender for Office 365

  • Describe Microsoft Defender for Endpoint

  • Describe Microsoft Defender for Cloud Apps

  • Describe Microsoft Defender for Identity

  • Describe Microsoft Defender Vulnerability Management

  • Describe Microsoft Defender Threat Intelligence (Defender TI)

  • Describe the Microsoft Defender portal

Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe Microsoft Service Trust Portal and privacy principles

  • Describe the Service Trust Portal offerings

  • Describe the privacy principles of Microsoft

  • Describe Microsoft Priva

Describe compliance management capabilities of Microsoft Purview

  • Describe the Microsoft Purview compliance portal

  • Describe Compliance Manager

  • Describe the uses and benefits of compliance score

Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview

  • Describe the data classification capabilities

  • Describe the benefits of Content explorer and Activity explorer

  • Describe sensitivity labels and sensitivity label policies

  • Describe data loss prevention (DLP)

  • Describe records management

  • Describe retention policies, retention labels, and retention label policies

  • Describe unified data governance solutions in Microsoft Purview

Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview

  • Describe insider risk management

  • Describe eDiscovery solutions in Microsoft Purview

  • Describe audit solutions in Microsoft Purview

Who this course is for:

  • If you have an interest in Microsoft SCI solutions
  • this exam is for you
  • whether you’re a: Business stakeholder
  • New or existing IT professional or Student

Get Free Coupon

SC-900: Security, Compliance, and Identity - May 2025

TAGGED:
Share This Article
Leave a comment
Lost your password?