Stay ahead by continuously learning and advancing your career.. Learn More

Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Practice Exam

description

Bookmark Enrolled Intermediate

Microsoft Security, Compliance, and Identity Fundamentals (SC-900)


The Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam is designed for those who want to understand the basics of security, compliance, and identity (SCI) in Microsoft's cloud-based and related services. If you're interested in learning about these essential concepts, this exam is for you.


Who should take the Microsoft SC-900 Exam?

  • If you're curious about Microsoft's SCI solutions, this exam suits you, regardless of whether you're a business stakeholder, a new or experienced IT professional, or a student. 
  • You should have some knowledge of Microsoft Azure and Microsoft 365 and skills to learn how Microsoft's SCI solutions cover these areas to offer a complete solution from start to finish.


Exam Details of Microsoft SC-900 

  • Exam Code: SC-900
  • Exam Name: Microsoft Security, Compliance, and Identity Fundamentals
  • Exam Languages: English, Japanese, Chinese (Simplified), Korean, French, Spanish, Portuguese (Brazil), Russian, Arabic (Saudi Arabia), Indonesian (Indonesia), German, Chinese (Traditional), Italian
  • Exam Questions: 40-60 Questions
  • Passing Score: 700 or greater (On a scale 1 - 1000)


SC-900 Exam Course Outline 

The Microsoft SC-900 Exam covers the given topics  - 

Domain 1: Understand the concepts of security, compliance, and identity (10–15%)

Describing security and compliance concepts

  • Describing the shared responsibility model
  • Explain defense-in-depth
  • Explain the Zero Trust model
  • Understand encryption and hashing
  • Describing Governance, Risk, and Compliance (GRC) concepts


Define identity concepts

  • Defining identity as the primary security perimeter
  • Defining authentication
  • Defining authorization
  • Describing identity providers
  • Explaining the concept of directory services and Active Directory
  • Describing the concept of federation


Domain 2: Learn the capabilities of Microsoft Entra (25–30%)

Describing function and identity types of Microsoft Entra ID

  • Describing Microsoft Entra ID
  • Describing types of identities
  • Explaining hybrid identity


Explaining authentication capabilities of Microsoft Entra ID

  • Explaining the authentication methods
  • Describing multi-factor authentication (MFA)
  • Describing password protection and management capabilities


Explain access management capabilities of Microsoft Entra ID

  • Describing Conditional Access
  • Explain Microsoft Entra roles and role-based access control (RBAC)


Explain identity protection and governance capabilities of Microsoft Entra

  • Explaining Microsoft Entra ID Governance
  • Explaining access reviews
  • Explaining the capabilities of Microsoft Entra Privileged Identity Management
  • Describing Entra ID Protection
  • Describing Microsoft Entra Permissions Management


Domain 3: Learn the capabilities of Microsoft security solutions (35–40%)

Describing core infrastructure security services in Azure

  • Explaining Azure distributed denial-of-service (DDoS) Protection
  • Describing Azure Firewall
  • Explaining Web Application Firewall (WAF)
  • Explaining network segmentation with Azure virtual networks
  • Describing network security groups (NSGs)
  • Explaining Azure Bastion
  • Explaining Azure Key Vault


Describing security management capabilities of Azure

  • Explaining Microsoft Defender for Cloud
  • Describing Cloud Security Posture Management (CSPM)
  • Describing how security policies and initiatives improve the cloud security posture
  • Explaining enhanced security features provided by cloud workload protection


Describing capabilities of Microsoft Sentinel

  • Defining the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)
  • Describing threat detection and mitigation capabilities in Microsoft Sentinel


Describing threat protection with Microsoft 365 Defender

  • Explaining Microsoft 365 Defender services
  • Describing Microsoft Defender for Office 365
  • Describing Microsoft Defender for Endpoint
  • Explaining Microsoft Defender for Cloud Apps
  • Describing Microsoft Defender for Identity
  • Explaining Microsoft Defender Vulnerability Management
  • Explaining Microsoft Defender Threat Intelligence (Defender TI)
  • Describing the Microsoft 365 Defender portal


Domain 4: Understand the capabilities of Microsoft compliance solutions (20–25%)

Describing Microsoft Service Trust Portal and privacy principles

  • Explaining the Service Trust Portal offerings
  • Describing the privacy principles of Microsoft
  • Describing Microsoft Priva


Explaining compliance management capabilities of Microsoft Purview

  • Describing the Microsoft Purview compliance portal
  • Describing Compliance Manager
  • Explaining the uses and benefits of compliance score


Describing information protection, data lifecycle management, and data governance capabilities of Microsoft Purview

  • Describe the data classification capabilities
  • Describing the benefits of Content explorer and Activity explorer
  • Describing sensitivity labels and sensitivity label policies
  • Explaining data loss prevention (DLP)
  • Describing records management
  • Describing retention policies, retention labels, and retention label policies
  • Explaining unified data governance solutions in Microsoft Purview


Describing insider risk, eDiscovery, and audit capabilities in Microsoft Purview

  • Describing insider risk management
  • Describing eDiscovery solutions in Microsoft Purview
  • Explaining audit solutions in Microsoft Purview

Reviews

Tags: Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Practice Exam, Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Exam Questions,

Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Practice Exam

Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Practice Exam

  • Test Code:1007-P
  • Availability:In Stock

  • $7.99

  • Ex Tax:$7.99


%s reviews / Write a review

Microsoft Security, Compliance, and Identity Fundamentals (SC-900)


The Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam is designed for those who want to understand the basics of security, compliance, and identity (SCI) in Microsoft's cloud-based and related services. If you're interested in learning about these essential concepts, this exam is for you.


Who should take the Microsoft SC-900 Exam?

  • If you're curious about Microsoft's SCI solutions, this exam suits you, regardless of whether you're a business stakeholder, a new or experienced IT professional, or a student. 
  • You should have some knowledge of Microsoft Azure and Microsoft 365 and skills to learn how Microsoft's SCI solutions cover these areas to offer a complete solution from start to finish.


Exam Details of Microsoft SC-900 

  • Exam Code: SC-900
  • Exam Name: Microsoft Security, Compliance, and Identity Fundamentals
  • Exam Languages: English, Japanese, Chinese (Simplified), Korean, French, Spanish, Portuguese (Brazil), Russian, Arabic (Saudi Arabia), Indonesian (Indonesia), German, Chinese (Traditional), Italian
  • Exam Questions: 40-60 Questions
  • Passing Score: 700 or greater (On a scale 1 - 1000)


SC-900 Exam Course Outline 

The Microsoft SC-900 Exam covers the given topics  - 

Domain 1: Understand the concepts of security, compliance, and identity (10–15%)

Describing security and compliance concepts

  • Describing the shared responsibility model
  • Explain defense-in-depth
  • Explain the Zero Trust model
  • Understand encryption and hashing
  • Describing Governance, Risk, and Compliance (GRC) concepts


Define identity concepts

  • Defining identity as the primary security perimeter
  • Defining authentication
  • Defining authorization
  • Describing identity providers
  • Explaining the concept of directory services and Active Directory
  • Describing the concept of federation


Domain 2: Learn the capabilities of Microsoft Entra (25–30%)

Describing function and identity types of Microsoft Entra ID

  • Describing Microsoft Entra ID
  • Describing types of identities
  • Explaining hybrid identity


Explaining authentication capabilities of Microsoft Entra ID

  • Explaining the authentication methods
  • Describing multi-factor authentication (MFA)
  • Describing password protection and management capabilities


Explain access management capabilities of Microsoft Entra ID

  • Describing Conditional Access
  • Explain Microsoft Entra roles and role-based access control (RBAC)


Explain identity protection and governance capabilities of Microsoft Entra

  • Explaining Microsoft Entra ID Governance
  • Explaining access reviews
  • Explaining the capabilities of Microsoft Entra Privileged Identity Management
  • Describing Entra ID Protection
  • Describing Microsoft Entra Permissions Management


Domain 3: Learn the capabilities of Microsoft security solutions (35–40%)

Describing core infrastructure security services in Azure

  • Explaining Azure distributed denial-of-service (DDoS) Protection
  • Describing Azure Firewall
  • Explaining Web Application Firewall (WAF)
  • Explaining network segmentation with Azure virtual networks
  • Describing network security groups (NSGs)
  • Explaining Azure Bastion
  • Explaining Azure Key Vault


Describing security management capabilities of Azure

  • Explaining Microsoft Defender for Cloud
  • Describing Cloud Security Posture Management (CSPM)
  • Describing how security policies and initiatives improve the cloud security posture
  • Explaining enhanced security features provided by cloud workload protection


Describing capabilities of Microsoft Sentinel

  • Defining the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)
  • Describing threat detection and mitigation capabilities in Microsoft Sentinel


Describing threat protection with Microsoft 365 Defender

  • Explaining Microsoft 365 Defender services
  • Describing Microsoft Defender for Office 365
  • Describing Microsoft Defender for Endpoint
  • Explaining Microsoft Defender for Cloud Apps
  • Describing Microsoft Defender for Identity
  • Explaining Microsoft Defender Vulnerability Management
  • Explaining Microsoft Defender Threat Intelligence (Defender TI)
  • Describing the Microsoft 365 Defender portal


Domain 4: Understand the capabilities of Microsoft compliance solutions (20–25%)

Describing Microsoft Service Trust Portal and privacy principles

  • Explaining the Service Trust Portal offerings
  • Describing the privacy principles of Microsoft
  • Describing Microsoft Priva


Explaining compliance management capabilities of Microsoft Purview

  • Describing the Microsoft Purview compliance portal
  • Describing Compliance Manager
  • Explaining the uses and benefits of compliance score


Describing information protection, data lifecycle management, and data governance capabilities of Microsoft Purview

  • Describe the data classification capabilities
  • Describing the benefits of Content explorer and Activity explorer
  • Describing sensitivity labels and sensitivity label policies
  • Explaining data loss prevention (DLP)
  • Describing records management
  • Describing retention policies, retention labels, and retention label policies
  • Explaining unified data governance solutions in Microsoft Purview


Describing insider risk, eDiscovery, and audit capabilities in Microsoft Purview

  • Describing insider risk management
  • Describing eDiscovery solutions in Microsoft Purview
  • Explaining audit solutions in Microsoft Purview