SC-900 Extras

SC-900 Overview & My Tips

SC-900 or Microsoft Security, Compliance, and Identity Fundamentals is a fundamentals (one star) certification from Microsoft.  It is aimed at people who want to know about the security, compliance and identity feature of the various Microsoft Cloud products (Microsoft 365, Azure and Dynamics 365).  Note this certification focuses on Microsoft 365 and Azure only.

Generally, the Fundamentals qualifications can be classified as looking at what not how.  So, for example, with the Security, Compliance and Identity Fundamentals you need to know what options are available for securing your cloud services within the Microsoft stack but not how to implement it.  Therefore these qualifications are often targeted at those in business management and sales roles.  If you have a technical role or mindset, the challenge with the fundamentals certifications can be that we tend to want to know how something works in order to understand what it can do and therefore end up overcomplicating things and going too deep.  The objectives for this exam are primarily to describe or define the features.

Disclaimer: All these links were correct at the time of posting.  But the Cloud changes regularly, so the referenced articles my change/be removed.  Please do post a comment if you spot a broken link or have suggestions to add so others can benefit too.

General References

Taking a Microsoft Professional Exam

There are a number of blogs about taking MCP exams.  My personal favourites are:

Pre-study References

Before attending an SC-900 course you should have a good understanding of what the Microsoft Cloud is.  I would recommend reviewing both MS-900 (Microsoft 365 Fundamentals) and AZ-900 (Azure Fundamentals) content either by attending a course or reviewing the content on Microsoft Learn. You do not need to pass the exams, but the content will help with this course and exam.  These resources can help.

Microsoft Learn Learning Paths (SC-900)

References by Exam Objectives

Based on exam objectives from July 26, 2021

Describe the Concepts of Security, Compliance, and Identity (10-15%)

Describe security and compliance concepts & methodologies

There is no specific reference for this and the actual threat landscape does shift continuously.  Threats to organisational security are around the risks to organisations of loss of data or loss of service.  The terms you should understand and be able to explain are unauthorised access to systems (commonly known as hacking), unauthorised use of user credentials, denial of service attacks, malware, ransomware, data stolen by staff, data accidentally lost by staff, phishing, spear phishing, scams, SQL injection, dictionary attack, brute force attack, trojan, worm, rootkit exploits

See also Introduction to cybersecurity – Learn | Microsoft Docs

Define identity concepts

Describe the capabilities of Microsoft Identity and Access Management Solutions (30-35%)

Describe the basic identity services and identity types of Azure AD

Describe the authentication capabilities of Azure AD

Describe access management capabilities of Azure AD

Describe the identity protection & governance capabilities of Azure AD

Describe the capabilities of Microsoft Security Solutions (35-40%)

Describe basic security capabilities in Azure

Describe security management capabilities of Azure

Describe security capabilities of Azure Sentinel

Describe threat protection with Microsoft 365 Defender

Describe security management capabilities of Microsoft 365

Describe endpoint security with Microsoft Intune

Describe the Capabilities of Microsoft Compliance Solutions (25-30%)

Describe the compliance management capabilities in Microsoft

Describe information protection and governance capabilities of Microsoft 365

Describe insider risk capabilities in Microsoft 365

Describe the eDiscovery and audit capabilities of Microsoft 365

Describe resource governance capabilities in Azure

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s