In this article, we will share with you how to prepare and pass the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam successfully.
Table of Contents
Microsoft is keeping evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. The new updated role-based certifications will help you to keep pace with today’s business requirements. Microsoft Learning is constantly evolving its learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities you’ve earned.
In February 2021, Microsoft announced a new portfolio of Security, Compliance, and Identity (SCI) certification exams that focus across the Azure platform (Microsoft Defender for Cloud and Microsoft Sentinel), as well as Microsoft 365 (Microsoft 365 Defender) security solutions.
|SC-200||Microsoft Security Operations Analyst|
|SC-300||Microsoft Identity and Access Administrator|
|SC-400||Microsoft Information Protection Administrator|
|SC-900||Microsoft Security, Compliance, and Identity Fundamentals|
The Security Operations Analyst Associate certification can help demonstrate knowledge of threat mitigation using Microsoft SCI Solutions, as well as performing proactive threat-hunting activities using:
Please check the following guide to learn more on how to prepare for the SC-200: Microsoft Security Operations Analyst certification exam successfully.
For people in identity roles, Identity & Access Administrator Associate certification can help prove knowledge of core identity governance principles, as well as ensure a proper identity lifecycle.
- Azure Active Directory (AAD)
- Azure AD Connect
- Azure Multifactor Authentication (MFA)
- Privileged Identity Management (PIM)
- Conditional Access
- Identity Governance
Please check the following guide to learn more on how to prepare for the SC-300: Microsoft Identity and Access Administrator certification exam successfully.
For people in compliance administrator roles, Information Protection Administrator Associate certification can help prove knowledge of core data concepts and how they’re implemented using Azure data services.
- Information Protection
- Data Loss Prevention
- Information Governance
Please check the following guide to learn more on how to prepare for the SC-400: Microsoft Information Protection Administrator certification exam successfully.
The Security, Compliance, and Identity Fundamentals certification are for people looking to familiarize themselves with the fundamentals of SCI across cloud-based and related Microsoft services, developed for a broad audience that may include business stakeholders, students starting out in IT, or existing IT pros that have an interest in Microsoft SCI Solutions.
- Security, compliance, and identity
- Microsoft identity and access management solutions
- Microsoft security solutions
- Microsoft compliance solutions
While preparing to take this exam myself, I would like to share with you how to prepare and pass the SC-900: Microsoft Security, Compliance, and Identity Fundamentals certification exam successfully.
This exam is not a prerequisite for any other exam nor is any other exam a prerequisite for this SC-900 exam. It is a standalone exam offering.
At the time of this writing, this exam is in the Beta phase. Beta exams are not scored immediately because Microsoft is gathering data on the quality of the questions and the exam. I will update this article as soon as I get the exam results from Microsoft.
I am so happy and grateful now that I received the final report for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals with a high passing score!
Updated on 05/03/2021 – In this exam, I got 50 questions in total with NO case studies, and the total time for this exam is only 60 minutes (1 hour), so you have 1.2 minutes to answer all the questions. The questions do pretty much match the list of skills measured below.
Exam Target Audience
The audience for this course is looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This exam is suitable for a broad audience that may include business stakeholders, new or existing IT professionals, or students that have an interest in Microsoft security, compliance, and identity solutions.
The person taking this exam should be familiar with Microsoft Azure and Microsoft 365 and wants to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
Please note that to pass the certification test, studying outside the course may be required to ensure all the concepts are fully understood.
Skills measured on this exam
This exam measures your ability to accomplish the technical topics listed below based on the latest update from Microsoft:
Describe the Concepts of Security, Compliance, and Identity (5-10%)
Describe security methodologies
- Describe the Zero-Trust methodology
- Describe the shared responsibility model
- Define defense in depth
Describe security concepts
- Describe common threats
- Describe encryption
Describe Microsoft Security and compliance principles
- Describe Microsoft’s privacy principles
- Describe the offerings of the service trust portal
Learning Path: Describe the concepts of security, compliance, and identity
Describe the capabilities of Microsoft Identity and Access Management Solutions (25-30%)
Define identity principles/concepts
- Define identity as the primary security perimeter
- Define authentication
- Define authorization
- Describe what identity providers are
- Describe what Active Directory is
- Describe the concept of Federated services
- Define common Identity Attacks
Describe the basic identity services and identity types of Azure AD
- Describe what Azure Active Directory is
- Describe Azure AD identities (users, devices, groups, service principals/applications)
- Describe what hybrid identity is
- Describe the different external identity types (Guest Users)
Describe the authentication capabilities of Azure AD
- Describe the different authentication methods
- Describe self-service password reset
- Describe password protection and management capabilities
- Describe Multi-factor Authentication
- Describe Windows Hello for Business
Describe access management capabilities of Azure AD
- Describe what conditional access is
- Describe uses and benefits of conditional access
- Describe the benefits of Azure AD roles
Describe the identity protection & governance capabilities of Azure AD
- Describe what identity governance is
- Describe what entitlement management and access reviews is
- Describe the capabilities of PIM
- Describe Azure AD Identity Protection
Learning Path: Describe the capabilities of Microsoft Identity and access management solutions
Describe the capabilities of Microsoft Security Solutions (30-35%)
Describe basic security capabilities in Azure
- Describe Azure Network Security groups
- Describe Azure DDoS protection
- Describe what Azure Firewall is
- Describe what Azure Bastion is
- Describe what Web Application Firewall is
- Describe ways Azure encrypts data
Describe security management capabilities of Azure
- Describe the Azure Security center
- Describe Azure Secure score
- Describe the benefit and use cases of Azure Defender – previously the Cloud Workload Protection Platform (CWPP)
- Describe Cloud Security Posture Management (CSPM)
- Describe security baselines for Azure
Describe security capabilities of Azure Sentinel
- Define the concepts of SIEM, SOAR, XDR
- Describe the role and value of Azure Sentinel to provide integrated threat protection
Describe threat protection with Microsoft 365 Defender (formerly Microsoft Threat Protection)
- Describe Microsoft 365 Defender services
- Describe Microsoft Defender for Identity (formerly known as Azure ATP)
- Describe Microsoft Defender for Office 365 (formerly known as Office 365 ATP)
- Describe Microsoft Defender for Endpoint (formerly known as Microsoft Defender ATP)
- Describe Microsoft Cloud App Security (MCAS)
Describe security management capabilities of Microsoft 365
- Describe the Microsoft 365 Security Center
- Describe how to use Microsoft Secure Score
- Describe security reports and dashboards
- Describe incidents and incident management capabilities
Describe endpoint security with Microsoft Intune
- Describe what Intune is
- Describe endpoint security with Intune
- Describe the endpoint security with the Microsoft Endpoint Manager admin center
Learning Path: Describe the capabilities of Microsoft security solutions
Describe the Capabilities of Microsoft Compliance Solutions (25-30%)
Describe the compliance management capabilities in Microsoft
- Describe the compliance center
- Describe compliance manager
- Describe use and benefits of compliance score
Describe information protection and governance capabilities of Microsoft 365
- Describe data classification capabilities
- Describe the value of content and activity explorer
- Describe sensitivity labels
- Describe Retention Policies and Retention Labels
- Describe Records Management
- Describe Data Loss Prevention
Describe insider risk capabilities in Microsoft 365
- Describe Insider Risk Management (IRM) solution
- Describe communication compliance
- Describe information barriers
- Describe privileged access management
- Describe customer lockbox
Describe the eDiscovery capabilities of Microsoft 365
- Describe the purpose of eDiscovery
- Describe the capabilities of the content search tool
- Describe the core eDiscovery workflow
- Describe the advanced eDiscovery workflow
Describe the audit capabilities in Microsoft 365
- Describe the core audit capabilities of M365
- Describe the purpose and value of Advanced Auditing
Describe resource governance capabilities in Azure
- Describe the use of Azure Resource locks
- Describe what Azure Blueprints is
- Define Azure Policy and describe its use cases
- Describe cloud adoption framework
Learning Path: Describe the capabilities of Microsoft compliance solutions
MS-500 | Microsoft 365 Certified: Security Administrator Associate
I have included the MS-500 older exam here as an example of the overall skills measured in this exam. You can see that it measures your skills on a broad range of security solutions compared to the new exams which are more specific.
- Implement and manage identity and access
- Implement and manage threat protection
- Implement and manage information protection
- Manage governance and compliance features in Microsoft 365
If you are interested to take the MS-500 exam, please check my step-by-step guide on how to prepare and pass the MS-500 exam successfully.
Read, read, and read… I cannot stress enough that reading and understanding all the security concepts in general besides Microsoft 365 Defender, Azure Defender, and Azure Active Directory will help you to pass this exam. This is a fundamental exam, so you need to really understand all the security services provided by Microsoft because you will see a lot of questions.
The biggest subject areas that I saw on the SC-900 exam are the following:
- General security concepts
- Zero-Trust methodology
- The shared responsibility model
- Confidentiality, Integrity, Availability (CIA)
- Azure Active Directory (Azure AD)
- Conditional Access
- Self-Service Password Reset (SSPR)
- Password Protection
- Azure Active Directory Identity Protection
- Azure Security
- Network Security Groups (NSGs)
- Azure Firewall
- Azure Bastion
- Resource Group (RG) Locks
- Azure Policy
- Azure Sentinel (few basic questions)
- Security incident and event management (SIEM)
- Security orchestration automated response (SOAR)
- Extended detection and response (XDR)
- Azure Security Center (few basic questions)
- Azure Defender
- Cloud Security Posture Management (CSPM)
- Azure Secure Score
- Microsoft 365 Defender services
- Microsoft Cloud App Security (MCAS)
- Microsoft 365 security center
- Microsoft Defender for Office 365
- Microsoft Intune (few basic questions)
- Endpoint security with Intune
- Windows Hello for Business (few basic questions)
- Microsoft 365 Compliance Center
- Sensitivity labels
- Data Loss Prevention (DLP)
- Microsoft 365
- Insider Risk Management
- Customer Lockbox
- Advanced Auditing (long-term retention of audit logs)
You can expect a lot of questions similar to this one:
For the following statements select Yes if the statement is true. Otherwise select No.
Overall, I think Microsoft Worldwide Learning is doing a good job of gradually shaping these exams to reflect real-world Azure security best practice scenarios. The SC-900 exam is logically organized and focused solely on Microsoft 365 Defender services, Azure Sentinel, Azure Security, Identity Protection, and Azure Security Center/Azure Defender.
Check the following step-by-step hands-on labs that will help you to explore and gain fundamentals experience with Microsoft Security, Compliance, and Identity:
1) LAB 1 – Explore Azure Active Directory.
5) LAB 5 – Explore Azure Network Security Groups (NSGs).
6) LAB 6 – Explore Microsoft Defender for Cloud.
7) LAB 7 – Explore Microsoft Sentinel.
8) LAB 8 – Explore Microsoft Defender for Cloud Apps.
9) LAB 9 – Explore the Microsoft 365 Defender portal.
10) LAB 10 – Explore Microsoft Intune.
11) LAB 11 – Explore the Service Trust Portal.
13) LAB 13 – Explore sensitivity labels in Microsoft 365.
14) LAB 14 – Explore Insider Risk Management in Microsoft 365.
15) LAB 15 – Explore the Core eDiscovery workflow.
16) LAB 16 – Explore Azure Policy.
Validate your skills
If you wish to validate your skills before taking the real exam, I highly encourage you to purchase the following practice tests:
SC-900: Microsoft Security, Compliance, and Identity Fundamentals Microsoft Official Practice Test. The MeasureUp SC-900: Microsoft Security, Compliance, and Identity Fundamentals practice test from mind hub is designed to help you prepare for and pass the Microsoft SC-900 exam. This exam is aimed at business stakeholders, IT professionals who want to improve their understanding of security and compliance fundamentals in cloud-based and Microsoft services.
Instructor-led virtual training
Last but certainly not least, if you prefer instructor-led virtual training, Microsoft released SC-900T00-A 1 day course. This course is for candidates that are looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns with the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
Schedule SC-900 Exam
At the time of this writing, Microsoft launched the SC-900 exam in beta mode, if you would like to take the beta exam and receive the 80% discount*, use the code below when prompted for payment: SC900TUPELO. You must register for the exam on or before March 15, 2021. The seats are offered on a first-come, first-served basis.
Once you are ready, click Schedule exam here and take it online from the comfort of your home/office with proctor supervision.
If you are planning to take this exam… I wish you all the best and Happy Studying!!!
Thank you for reading my blog.
If you have any questions or feedback, please leave a comment.