SC-900 Exam Format | SC-900 Course Contents | SC-900 Course Outline | SC-900 Exam Syllabus | SC-900 Exam Objectives

Exam Code: SC-900
Exam Name: Microsoft Security, Compliance, and Identity Fundamentals
Certification: Microsoft Certified: Security, Compliance, and Identity Fundamentals
Level: Fundamental (Beginner-friendly)
Duration: 60 minutes
Number of Questions: 40-60 questions (multiple-choice, drag-and-drop, case studies)
Passing Score: 700/1000 (scored on a scale of 1-1000)

Describe the concepts of security, compliance, and identity (10–15%)
Describe the capabilities of Microsoft Entra (25–30%)
Describe the capabilities of Microsoft security solutions (35–40%)
Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe the concepts of security, compliance, and identity (10–15%)
- security and compliance concepts
- the shared responsibility model
- defense-in-depth
- the Zero Trust model
- encryption and hashing
- Governance, Risk, and Compliance (GRC) concepts
- identity concepts
- identity as the primary security perimeter
- authentication
- authorization
- identity providers
- the concept of directory services and Active Directory
- the concept of federation

Describe the capabilities of Microsoft Entra (25–30%)
- function and identity types of Microsoft Entra ID
- Microsoft Entra ID
- types of identities
- hybrid identity
- authentication capabilities of Microsoft Entra ID
- the authentication methods
- multi-factor authentication (MFA)
- password protection and management capabilities
- access management capabilities of Microsoft Entra ID
- Conditional Access
- Microsoft Entra roles and role-based access control (RBAC)
- identity protection and governance capabilities of Microsoft Entra
- Microsoft Entra ID Governance
- access reviews
- the capabilities of Microsoft Entra Privileged Identity Management
- Microsoft Entra ID Protection
- Microsoft Entra Permissions Management

- the capabilities of Microsoft security solutions (35–40%)
- core infrastructure security services in Azure
- Azure distributed denial-of-service (DDoS) Protection
- Azure Firewall
- Web Application Firewall (WAF)
- network segmentation with Azure virtual networks
- network security groups (NSGs)
- Azure Bastion
- Azure Key Vault
- security management capabilities of Azure
- Microsoft Defender for Cloud
- Cloud Security Posture Management (CSPM)
- how security policies and initiatives improve the cloud security posture
- enhanced security features provided by cloud workload protection
- capabilities of Microsoft Sentinel
- security information and event management (SIEM) and security orchestration automated response (SOAR)
- threat detection and mitigation capabilities in Microsoft Sentinel
- threat protection with Microsoft Defender XDR
- Microsoft Defender XDR services
- Microsoft Defender for Office 365
- Microsoft Defender for Endpoint
- Microsoft Defender for Cloud Apps
- Microsoft Defender for Identity
- Microsoft Defender Vulnerability Management
- Microsoft Defender Threat Intelligence (Defender TI)
- the Microsoft Defender portal

Describe the capabilities of Microsoft compliance solutions (20–25%)
- Microsoft Service Trust Portal and privacy principles
- the Service Trust Portal offerings
- the privacy principles of Microsoft
- Microsoft Priva
- compliance management capabilities of Microsoft Purview
- the Microsoft Purview compliance portal
- Compliance Manager
- the uses and benefits of compliance score
- information protection, data lifecycle management, and data governance capabilities of Microsoft Purview
- the data classification capabilities
- the benefits of Content explorer and Activity explorer
- sensitivity labels and sensitivity label policies
- data loss prevention (DLP)
- records management
- retention policies, retention labels, and retention label policies
- unified data governance solutions in Microsoft Purview
- insider risk, eDiscovery, and audit capabilities in Microsoft Purview
- insider risk management
- eDiscovery solutions in Microsoft Purview
- audit solutions in Microsoft Purview