SC-900 Exam Study Guide: Microsoft Security, Compliance, and Identity Fundamentals

8 Min. Read

In this article, I will share with you how to prepare and pass the SC-900: Microsoft Security, Compliance, and Identity Fundamentals certification exam successfully.

Introduction

Microsoft is keeping evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. The new updated role-based certifications will help you to keep pace with today’s business requirements. Microsoft Learning is constantly evolving its learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities you’ve earned.

In February 2021, Microsoft announced a new portfolio of Security, Compliance, and Identity (SCI) certifications exams that focus across the Azure platform (Azure Defender), as well as Microsoft 365 (Microsoft 365 Defender) security solutions.

Exam NumberCertification
SC-200Microsoft Security Operations Analyst
SC-300Microsoft Identity and Access Administrator
SC-400Microsoft Information Protection Administrator
SC-900Microsoft Security, Compliance, and Identity Fundamentals

SC-200 Exam

The Security Operations Analyst Associate certification can help demonstrate knowledge of threat mitigation using Microsoft SCI Solutions, as well as performing proactive threat hunting activities using:

Please check the following guide to learn more on how to prepare for the SC-200: Microsoft Security Operations Analyst certification exam successfully.

SC-300 Exam

For people in identity roles, Identity & Access Administrator Associate certification can help prove knowledge of core identity governance principles, as well as ensuring a proper identity lifecycle.

  • Azure Active Directory (AAD)
  • Azure AD Connect
  • Azure Multifactor Authentication (MFA)
  • Privileged Identity Management (PIM)
  • Conditional Access
  • Identity Governance

Please check the following guide to learn more on how to prepare for the SC-300: Microsoft Identity and Access Administrator certification exam successfully.

SC-400 Exam

For people in compliance administrator roles, Information Protection Administrator Associate certification can help prove knowledge of core data concepts and how they’re implemented using Azure data services.

  • Information Protection
  • Data Loss Prevention
  • Information Governance

Please check the following guide to learn more on how to prepare for the SC-400: Microsoft Information Protection Administrator certification exam successfully.

SC-900 Exam

The Security, Compliance, and Identity Fundamentals certification are for people looking to familiarize themselves with the fundamentals of SCI across cloud-based and related Microsoft services, developed for a broad audience that may include business stakeholders, students starting out in IT, or existing IT pros that have an interest in Microsoft SCI Solutions.

  • Security, compliance, and identity
  • Microsoft identity and access management solutions
  • Microsoft security solutions
  • Microsoft compliance solutions

Please check the following section on how to prepare for the SC-900: Microsoft Security, Compliance, and Identity Fundamentals certification exam successfully.

Exam preparation

While preparing to take this exam myself, I would like to share with you how to prepare and pass the SC-900: Microsoft Security, Compliance, and Identity Fundamentals certification exam successfully.

This exam is not a prerequisite for any other exam nor is any other exam a prerequisite for this SC-900 exam. It is a standalone exam offering.

At the time of this writing, this exam is in the Beta phase. Beta exams are not scored immediately because Microsoft is gathering data on the quality of the questions and the exam. I will update this article as soon as I get the exam results from Microsoft.

I am so happy and grateful now that I received the final report for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals with a high passing score!

Passing SC-900 Microsoft Security, Compliance, and Identity Fundamentals

Updated on 05/03/2021 In this exam, I got 50 questions in total with NO case studies, and the total time for this exam is only 60 minutes (1 hour), so you have 1.2 minutes to answer all the questions. The questions do pretty much match the list of skills measured below.

Exam Target Audience

The audience for this course is looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.

This exam is suitable for a broad audience that may include business stakeholders, new or existing IT professionals, or students that have an interest in Microsoft security, compliance, and identity solutions.

The person taking this exam should be familiar with Microsoft Azure and Microsoft 365 and wants to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.

Please note that to pass the certification test, studying outside the course may be required to ensure all the concepts are fully understood.

Skills measured on this exam

This exam measures your ability to accomplish the technical topics listed below based on the latest update from Microsoft:

Describe the Concepts of Security, Compliance, and Identity (5-10%)

Describe security methodologies

  • Describe the Zero-Trust methodology
  • Describe the shared responsibility model
  • Define defense in depth

Describe security concepts

  • Describe common threats
  • Describe encryption

Describe Microsoft Security and compliance principles

  • Describe Microsoft’s privacy principles
  • Describe the offerings of the service trust portal

Learning Path: Describe the concepts of security, compliance, and identity

Describe the capabilities of Microsoft Identity and Access Management Solutions (25-30%)

Define identity principles/concepts

  • Define identity as the primary security perimeter
  • Define authentication
  • Define authorization
  • Describe what identity providers are
  • Describe what Active Directory is
  • Describe the concept of Federated services
  • Define common Identity Attacks

Describe the basic identity services and identity types of Azure AD

  • Describe what Azure Active Directory is
  • Describe Azure AD identities (users, devices, groups, service principals/applications)
  • Describe what hybrid identity is
  • Describe the different external identity types (Guest Users)

Describe the authentication capabilities of Azure AD

  • Describe the different authentication methods
  • Describe self-service password reset
  • Describe password protection and management capabilities
  • Describe Multi-factor Authentication
  • Describe Windows Hello for Business

Describe access management capabilities of Azure AD

  • Describe what conditional access is
  • Describe uses and benefits of conditional access
  • Describe the benefits of Azure AD roles

Describe the identity protection & governance capabilities of Azure AD

  • Describe what identity governance is
  • Describe what entitlement management and access reviews is
  • Describe the capabilities of PIM
  • Describe Azure AD Identity Protection

Learning Path: Describe the capabilities of Microsoft Identity and access management solutions

Describe the capabilities of Microsoft Security Solutions (30-35%)

Describe basic security capabilities in Azure

  • Describe Azure Network Security groups
  • Describe Azure DDoS protection
  • Describe what Azure Firewall is
  • Describe what Azure Bastion is
  • Describe what Web Application Firewall is
  • Describe ways Azure encrypts data

Describe security management capabilities of Azure

  • Describe the Azure Security center
  • Describe Azure Secure score
  • Describe the benefit and use cases of Azure Defender – previously the Cloud Workload Protection Platform (CWPP)
  • Describe Cloud Security Posture Management (CSPM)
  • Describe security baselines for Azure

Describe security capabilities of Azure Sentinel

  • Define the concepts of SIEM, SOAR, XDR
  • Describe the role and value of Azure Sentinel to provide integrated threat protection

Describe threat protection with Microsoft 365 Defender (formerly Microsoft Threat Protection)

  • Describe Microsoft 365 Defender services
  • Describe Microsoft Defender for Identity (formerly known as Azure ATP)
  • Describe Microsoft Defender for Office 365 (formerly known as Office 365 ATP)
  • Describe Microsoft Defender for Endpoint (formerly known as Microsoft Defender ATP)
  • Describe Microsoft Cloud App Security (MCAS)

Describe security management capabilities of Microsoft 365

  • Describe the Microsoft 365 Security Center
  • Describe how to use Microsoft Secure Score
  • Describe security reports and dashboards
  • Describe incidents and incident management capabilities

Describe endpoint security with Microsoft Intune

  • Describe what Intune is
  • Describe endpoint security with Intune
  • Describe the endpoint security with the Microsoft Endpoint Manager admin center

Learning Path: Describe the capabilities of Microsoft security solutions

Describe the Capabilities of Microsoft Compliance Solutions (25-30%)

Describe the compliance management capabilities in Microsoft

  • Describe the compliance center
  • Describe compliance manager
  • Describe use and benefits of compliance score

Describe information protection and governance capabilities of Microsoft 365

  • Describe data classification capabilities
  • Describe the value of content and activity explorer
  • Describe sensitivity labels
  • Describe Retention Policies and Retention Labels
  • Describe Records Management
  • Describe Data Loss Prevention

Describe insider risk capabilities in Microsoft 365

  • Describe Insider Risk Management (IRM) solution
  • Describe communication compliance
  • Describe information barriers
  • Describe privileged access management
  • Describe customer lockbox

Describe the eDiscovery capabilities of Microsoft 365

  • Describe the purpose of eDiscovery
  • Describe the capabilities of the content search tool
  • Describe the core eDiscovery workflow
  • Describe the advanced eDiscovery workflow

Describe the audit capabilities in Microsoft 365

  • Describe the core audit capabilities of M365
  • Describe the purpose and value of Advanced Auditing

Describe resource governance capabilities in Azure

  • Describe the use of Azure Resource locks
  • Describe what Azure Blueprints is
  • Define Azure Policy and describe its use cases
  • Describe cloud adoption framework

Learning Path: Describe the capabilities of Microsoft compliance solutions

MS-500 | Microsoft 365 Certified: Security Administrator Associate

I have included the MS-500 older exam here as an example of the overall skills measured in this exam. You can see that it measures your skills on a broad range of security solutions compared to the new exams which are more specific.

  • Implement and manage identity and access
  • Implement and manage threat protection
  • Implement and manage information protection
  • Manage governance and compliance features in Microsoft 365

If you are interested to take the MS-500 exam, please check my step-by-step guide on how to prepare and pass the MS-500 exam successfully.

Lessons Learned

Read, read, and read… I cannot stress enough that reading and understanding all the security concepts in general besides Microsoft 365 Defender, Azure Defender, and Azure Active Directory will help you to pass this exam. This is a fundamental exam, so you need to really understand all the security services provided by Microsoft because you will see a lot of questions.

The biggest subject areas that I saw on the SC-900 exam are the following:

  • General security concepts
    • Zero-Trust methodology
    • The shared responsibility model
    • Confidentiality, Integrity, Availability (CIA)
    • Encryption
  • Azure Active Directory (Azure AD)
    • Conditional Access
    • Self-Service Password Reset (SSPR)
    • Password Protection
    • Azure Active Directory Identity Protection
  • Azure Security
    • Network Security Groups (NSGs)
    • Azure Firewall
    • Azure Bastion
    • Resource Group (RG) Locks
    • Azure Policy
  • Azure Sentinel (few basic questions)
    • Security incident and event management (SIEM)
    • Security orchestration automated response (SOAR)
    • Extended detection and response (XDR)
  • Azure Security Center (few basic questions)
    • Azure Defender
    • Cloud Security Posture Management (CSPM)
    • Azure Secure Score
  • Microsoft 365 Defender services
    • Microsoft Cloud App Security (MCAS)
    • Microsoft 365 security center
    • Microsoft Defender for Office 365
  • Microsoft Intune (few basic questions)
    • Endpoint security with Intune
  • Windows Hello for Business (few basic questions)
  • Microsoft 365 Compliance Center
    • Sensitivity labels
    • Data Loss Prevention (DLP)
  • Microsoft 365
    • Insider Risk Management
    • Customer Lockbox
    • eDiscovery
    • Advanced Auditing (long-term retention of audit logs)

You can expect a lot of questions similar to this one:

For the following statements select Yes if the statement is true. Otherwise select No.

Overall, I think Microsoft Worldwide Learning is doing a good job of gradually shaping these exams to reflect real-world Azure security best practice scenarios. The SC-900 exam is logically organized and focused solely on Microsoft 365 Defender services, Azure Sentinel, Azure Security, Identity Protection, and Azure Security Center/Azure Defender.

Validate your skills

If you wish to validate your skills before taking the real exam, I highly encourage you to purchase the following practice tests:

SC-900: Microsoft Security, Compliance, and Identity Fundamentals Microsoft Official Practice Test. The MeasureUp SC-900: Microsoft Security, Compliance, and Identity Fundamentals practice test from mind hub is designed to help you prepare for and pass the Microsoft SC-900 exam. This exam is aimed at business stakeholders, IT professionals who want to improve their understanding of security and compliance fundamentals in cloud-based and Microsoft services.

Instructor-led virtual training

Last but certainly not least, if you prefer instructor-led virtual training, Microsoft released SC-900T00-A 1 day course. This course is for candidates that are looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns with the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.

If you prefer to get prepare for this exam with Microsoft MCT as instructor-led virtual training, you can get in contact with me here.

Schedule SC-900 Exam

At the time of this writing, Microsoft launched the SC-900 exam in beta mode, if you would like to take the beta exam and receive the 80% discount*, use the code below when prompted for payment: SC900TUPELO. You must register for the exam on or before March 15, 2021. The seats are offered on a first-come, first-served basis.

Once you are ready, click Schedule exam here and take it online from the comfort of your home/office with proctor supervision.

Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals

If you are planning to take this exam… I wish you all the best and Happy Studying!!!

__
Thank you for reading my blog.

If you have any questions or feedback, please leave a comment.

-Charbel Nemnom-

Related Posts

Previous

SC-400 Exam Study Guide: Microsoft Information Protection Administrator

Backup Best Practices in Action – The Backup Bible Complete Edition

Next

Let me know what you think, or ask a question...

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to Stay in Touch

Never miss out on your favorite posts and our latest announcements!

The content of this website is copyrighted from being plagiarized!

You can copy from the 'Code Blocks' in 'Black' by selecting the Code.

Please send your feedback to the author using this form for any 'Code' you like.

Thank you for visiting!