SC-900: Microsoft Security, Compliance and Identity Fundamentals

Overview

Gain essential knowledge in security, compliance, and identity while exploring how these concepts apply across Microsoft’s cloud-based solutions. Discover how to manage access, protect data, and strengthen your organisation’s security posture through integrated tools and intelligent features. Designed for those new to the field or looking to build a strong baseline, the learning journey sets the stage for understanding modern challenges and solutions in a connected, cloud-first world.

Key Takeaways

• Describe the shared responsibility and the defense-in-depth security models
• Describe the concepts of encryption and hashing
• Understand the difference between authentication and authorisation
• Describe identity-related services
• Describe the types of identities Microsoft Entra ID supports
• Describe multifactor authentication (MFA) in Microsoft Entra ID
• Describe the password protection and management capabilities of Microsoft Entra ID
• Describe Microsoft Entra roles and role-based access control
• Describe Privileged Identity Management
• Learn how Azure security capabilities can protect the network
• Learn how to keep secrets safe with Azure Key Vault
• Describe how security policies and initiatives improve cloud security posture
• Describe the security concepts for SIEM and SOAR
• Describe Microsoft Security Copilot
• Describe how Microsoft Defender XDR provides integrated protection against sophisticated attacks
• Describe the offerings of the Service Trust Portal
• Describe Microsoft Priva
• Describe Compliance Manager
• Describe data classification capabilities
• Describe data loss prevention
• Describe insider risk management
• Describe the eDiscovery capabilities of Microsoft Purview
• Describe the Zero-Trust model
• Describe some basic compliance concepts
• Describe the concept of identity as a security perimeter
• Describe the function of Microsoft Entra ID
• Describe the authentication methods of Microsoft Entra ID
• Describe self-service password reset (SSPR) in Microsoft Entra ID
• Describe Conditional Access in Microsoft Entra ID
• Describe the capabilities of Microsoft Entra ID Governance
• Describe the capabilities of Microsoft Entra ID Protection.
• Learn how Azure can protect your VMs
• Describe Microsoft Defender for Cloud
• Describe how the three pillars of Microsoft Defender for Cloud protect against cyber threats and vulnerabilities
• Describe how Microsoft Sentinel provides threat detection and mitigation
• Describe the Microsoft Defender XDR service
• Describe and explore the Microsoft Defender portal
• Describe Microsoft's Privacy principles
• Describe the Microsoft Purview compliance portal
• Describe the use and benefits of the compliance score
• Describe records management
• Describe unified data governance
• Describe communication compliance
• Describe the auditing capabilities of Microsoft Purview

Who Should Attend

• Please refer to the job roles section. You are looking to familiarise yourselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this programme aligns with the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.

Prerequisites

• General understanding of networking and cloud computing concepts.
• General IT knowledge or any general experience working in an IT environment.
• General understanding of Microsoft Azure and Microsoft 365.