Microsoft Security, Compliance, and Identity Fundamentals (SC-900T00)
Training plan
Module 1: Describe security and compliance concepts
- Describe the shared responsibility model
- Describe defense in depth
- Describe the Zero Trust model
- Describe encryption and hashing
- Describe compliance concepts
Module 2: Describe identity concepts
- Define authentication and authorization
- Define Identity as the primary security perimeter
- Describe the role of the identity provider
- Describe the concept of directory services and Active Directory
- Describe the concept of Federation
Module 3: Describe the function and identity types of Microsoft Entra ID
- Describe Microsoft Entra ID
- Describe types of identities
- Describe hybrid identity
- Describe external identities
Module 4: Describe the authentication capabilities of Microsoft Entra ID
- Describe authentication methods
- Describe multifactor authentication
- Describe self-service password reset
- Describe password protection and management capabilities
Module 5: Describe access management capabilities of Microsoft Entra ID
- Describe Conditional Access
- Describe Microsoft Entra roles and role-based access control (RBAC)
Module 6: Describe the identity protection and governance capabilities of Microsoft Entra
- Describe Microsoft Entra ID Governance
- Describe access reviews
- Describe entitlement management
- Describe the capabilities of Privileged identity Management
- Describe Microsoft Entra ID Protection
- Describe Microsoft Entra Permissions Management
- Describe Microsoft Entra Verified ID
Module 7: Describe core infrastructure security services in Azure
- Describe Azure DDoS protection
- Describe Azure Firewall
- Describe Web Application Firewall
- Describe network segmentation in Azure
- Describe Azure Network Security groups
- Describe Azure Bastion
- Describe Azure Key Vault
Module 8: Describe the security management capabilities in Azure
- Describe Microsoft Defender for Cloud
- Describe how security policies and initiatives improve cloud security posture
- Describe Cloud security posture management
- Describe the enhanced security of Microsoft Defender for Cloud
- Describe DevOps security management
Module 9: Describe security capabilities of Microsoft Sentinel
- Define the concepts of SIEM and SOAR
- Describe threat detection and mitigation capabilities in Microsoft Sentinel
- Describe Microsoft Security Copilot
Module 10: Describe threat protection with Microsoft Defender XDR
- Describe Microsoft 365 Defender services
- Describe Microsoft Defender for Office 365
- Describe Microsoft Defender for Endpoint
- Describe Microsoft Defender for Cloud Apps
- Describe Microsoft Defender for Identity
- Describe the Microsoft 365 Defender portal
Module 11: Describe Microsoft’s Service Trust portal and privacy capabilities
- Describe the offerings of the Service Trust portal
- Describe Microsoft’s privacy principles
- Describe Microsoft Priva
Module 12: Describe the compliance management capabilities in Microsoft Purview
- Describe the Microsoft Purview compliance portal
- Describe Compliance Manager
- Describe use and benefits of compliance score
Module 13: Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview
- Know your data, protect your data, and govern your data
- Describe the data classification capabilities of the compliance portal
- Describe sensitivity labels and policies
- Describe data loss prevention
- Describe retention policies and retention labels
- Describe records management
- Describe the Microsoft Purview unified data governance solution
Module 14: Describe the insider risk capabilities in Microsoft Purview
- Describe insider risk management
- Describe communication compliance
Module 15: Describe the eDiscovery and Audit capabilities in Microsoft Purview
- Describe the eDiscovery solutions in Microsoft Purview
- Describe the audit solutions in Microsoft Purview
Recommended Prerequisite Knowledge
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Credentials and certification
Exam features
- Code: SC-900
- Title: Microsoft Security, Compliance, and Identity Fundamentals
- Duration: 120 minutes
- Number of Questions: 40 to 60
- Question Format: Multiple choice, multiple response, scenario-based
- Passing Score: 700 out of 1000
- Cost: $99 USD
Exam topics
- Describe the concepts of security, compliance, and identity
- Describe the capabilities of Microsoft Entra
- Describe the capabilities of Microsoft security solutions
- Describe the capabilities of Microsoft compliance solutions
Eccentrix Corner article/publication
Understanding SC-900 Certification
The SC-900 certification is designed to offer a comprehensive understanding of security, compliance, and identity concepts associated with Microsoft’s technologies. It covers fundamental principles, terminology, and best practices necessary to comprehend security and compliance solutions provided by Microsoft.
Overview of SC-900 Course
The SC-900 course is structured to impart knowledge about Microsoft’s security and compliance solutions, emphasizing identity and access management, threat protection, governance, and compliance management. It enables participants to grasp the essential concepts required to safeguard organizational data and ensure regulatory compliance.
SC-900 vs Other Certifications
Comparing SC-900 with certifications such as AZ-900 or SC-200 is crucial to understand their focus areas. While SC-900 emphasizes security, compliance, and identity fundamentals, AZ-900 centers on Azure fundamentals, and SC-200 concentrates on security operations and compliance within Microsoft’s security stack.
Significance of SC-900 Certification
Earning the SC-900 certification showcases foundational knowledge in security, compliance, and identity fundamentals. It holds relevance for individuals aspiring to pursue careers in cybersecurity, compliance management, or IT roles involving the implementation and management of Microsoft security solutions.
Preparation for SC-900 Exam
To prepare for the SC-900 exam, aspirants should utilize official Microsoft trainings from Eccentrix, learning resources, study guides, and training modules tailored explicitly for SC-900. Engaging in hands-on exercises, exploring Microsoft’s security and compliance solutions, and understanding industry-standard security practices are integral parts of preparation.
Conclusion
In conclusion, the SC-900 Microsoft Security, Compliance, and Identity Fundamentals course offer a foundational understanding of security and compliance concepts within the Microsoft ecosystem. It serves as an essential steppingstone for professionals venturing into the realm of cybersecurity, compliance, and identity management.
Remember, diligent preparation and a strong grasp of security and compliance fundamentals are pivotal in achieving success in the SC-900 certification exam.
Common Questions about SC-900 Certification (FAQ)
Is the SC-900 exam difficult?
The difficulty level of the SC-900 exam can vary based on an individual’s prior knowledge, experience, and preparation. Adequate study, understanding of security and compliance fundamentals, along with practical experience or hands-on practice, can significantly impact one’s readiness for the exam.
How much does a SC-900 certified person make?
The salary for an SC-900 certified individual can vary based on factors such as geographic location, years of experience, specific job role, and the employing organization. While SC-900 certification demonstrates foundational knowledge in security, compliance, and identity fundamentals, salary ranges can differ widely.
Can I get a job with SC-900?
Earning the SC-900 certification enhances your resume by showcasing fundamental knowledge in security, compliance, and identity concepts within the Microsoft ecosystem. However, securing a job typically depends on various factors including overall skills, experience, and the specific requirements of the job role and industry.
How long does the SC-900 exam preparation take?
The duration required to prepare for the SC-900 exam can vary from person to person. It depends on your prior knowledge, experience in the field, study habits, and the time you can allocate for preparation. Generally, individuals may take several weeks to a few months to adequately prepare for the SC-900 certification exam.