SC-900: MS Fundamentals
Welcome to the SC-900 Fundamentals
This certification course prepares you to obtain the Microsoft Certified Security, Compliance and Identity fundamentals. Throughout the 7 modules you will cover all the content and see examples of the knowledge.
With this course, you also get access to a textbook, presentation and sample questions.
You will also see a series of links to Microsoft Learn with each video. Be sure to check out this content while studying.
The videos add up to 4 hours of viewing and listening material.
Introduction
1.1 Introduction course
Welcome to the SC-900 course. In this video, we look at:
- What is the SC-900 exam.
- Why take a certification exam.
- What topics are covered in the course
- Where do you find all the material?
- What prior knowledge should you have?
Sources:
1.2 Microsoft SC-900 exam
How to prepare yourself for the exam:
- What is this SC-300 exam
- Where can you find a mock exam?
- What topics are covered?
- How to take an exam.
Concepts of security
2.1 Introduction
The first chapter is a theoretical section in which we will discuss the different concepts of security. We discuss:
- What is the content of this chapter
2.2 Defense in Depth
The first concept is Defense in Depth. We discuss:
- What is Defense in Depth
- How do you translate this to functionalities.
- How is this in the cloud versus the on-premise environment?
- Which are all the layers of this model?
The accompanying link on Learn:
2.3 CIA Triad
What is the CIA triad that is also used outside Microsoft? We discuss:
- What does CIA stand for?
- What do these techniques mean?
- What should you pay attention to when securing?
More info:
3. Administrator Expirience, Roll-out & Cloud concepten
3.1 Introductie
Dit tweede thema is de beheerders weergave en enkele belangrijke woorden die je moet kennen. We bespreken:
- Hoe is de Admin expirience?
- Welke is de Evergreen aanpak?
- Welke is de Modern Lifecycle management aanpak?
- Wat is Shared Responsibility?
- Wat is de cloud?
Meer bronnen:
3.2 Administrator Expirience
Misschien voor velen een reeds gekende of dagelijks gebruikte omgeving. Maar wat is het Admin center? We bespreken:
- Hoe open je de Admin portal?
- Welke zijn de functies van het admin center?
- Nadruk op rapportage.
Meer bronnen:
3.3 Shared Responsibility
Een volgend concept is Shared Responisbility. We behandelen:
- Wat is On_premise, IAAS? SAAS, PAAS?
- Wie is waarvoor verantwoordelijk?
- Wat is Shared Responsibility?
Meer info:
- https://learn.microsoft.com/nl-nl/training/modules/describe-security-concepts-methodologies/2-describe-shared-responsibility-model
- Security-101/1.6 Shared responsibility model.md at main · microsoft/Security-101 · GitHub
- Microsoft Azure Fundamentals: Describe cloud concepts – Training | Microsoft Learn
3.4 Modern Lifecyle Management
- Naast Apps zijn er ook services. Dit zijn vaak de servers en daaruitvloeiende diensten die worden aangeboden. We bespreken:
- Welke zijn de release ringen van M365?
- Wat is Modern Lifecycle Policy?
- Watis de Evergreen aanpak?
Meer bronnen:
MS Entra & the 3/4 A's
3.1 Introduction
Identity is one of the titles of your exam. So this is a very important part. We cover in this video:
- What will we learn this module?
- Which are the 4 A’s?
3.2 Entra ID
Entra is the beating heart of all of the cloud. All identities and authentications come through this. So this is something we need to investigate carefully:
- What is Entra?
- What is AD, AAD, AADDS?
- What is managed in Entra?
- What hybrid options are available?
- What is Azure B2B?
- What is Azure B2C?
More info:
4.3 Entra ID Protocollen
Entra ID spreekt verschillende protocollen en ook het systeem achter een federation moeten we bekijken. We bespreken:
- De verschillende protocollen
- Hoe werkt SSO?
- Trust, Federation, Claims en Tokens.
Meer info:
3.3 Authentication
We need to discuss Authentication:
- How can you authenticate?
- What is Multi-Factor authentication?
- What is secure authentication?
More info:
3.4 Identity Protection
Identity is the most important link in our beveiigation policy. Therefore, we also need to give them extra protection.
We discuss:
- Azure AD (Entra) Identity Protection
- Risk Assignments
- The three levels of Entra ID.
More info:
3.5 MS Entra demo
After theory comes practice. We discuss:
- Azure AD (Entra) Identity rotection
- Dynamic groups
- Assign licenses and Apps to groups
- Detecting risky users
- Hybrid set-up check.
- Multi-Factor setting in the three ways.
3.6 PIM Management
A final module of Entra ID is about PIM Management. We discuss:
- What is PIM Management?
- Why Just-In-Time?
- What does an Access Package look like in practice?
More info:
4.8 MFA (Legacy)
Organisaties zonder M365 liceties of met een Gratis A1 licentie (zonder Entra Premium P1/P2) gebruiken de Legacy Multi-Factor authenticatie. We bekijken:
- Hoe configureer je MFA voor gebruikers?
- Wat zijn app paswoorden en waarom gebruiken we ze niet?
- Hoe MFA afdwingen of toelaten?
- Waar geef je veilige IP segmenten op?
4.9 MFA (Modern & Conditional Access)
Organisaties MET M365 licenties (met Entra Premium P1/P2) gebruiken de Moderne Multi-Factor authenticatie. We bekijken:
- Wat is MFA in de moderne wereld?
- Wat is voorwaardelijke toegang?
- Hoe wordt dit gebruikt om moderne authenticatie te ontwerpen?
- Wat met wachtwoordloos aanmelden?
Meer info:
4.10 Administration
Met heel veel aandacht besteed aan de Authentication en Authorisation( CA) kunnen we nog kort de ander A’s bespreken. We bespreken:
- Wat houdt Administration in?
- Kort overlopen van de 4 A’s.
Meer info:
Microsoft Azure
4.1 Introduction
What is the cloud? What is Azure?
And what are we going to look at in this chapter?
4.2 Azure Management structure
Within azure, there are a lot of words to learn and a lot of technology. We cover:
- What is a Management group?
- What is a subscription?
- What is a resource group?
- What do you set? What about Locks?
More info:
- https://learn.microsoft.com/en-us/training/modules/describe-core-architectural-components-of-azure/3-get-started-azure-accounts
- https://learn.microsoft.com/en-us/training/modules/describe-azure-identity-access-security/6-role-based-access-control
- https://learn.microsoft.com/en-us/training/modules/describe-features-tools-azure-for-governance-compliance/4-describe-purpose-of-resource-locks
4.3 ARM & Blueprints
There are also configuration templates you can create in Azure. This is necessary to obtain scalability. We discuss:
- What is an ARM Template?
- What is a Blueprint?
- What are the properties of each?
More info:
4.4 Cloud Adoption Framework
What are the steps to move to the MS Cloud? What frameworks or guides exist? You will learn this in the CLoud Adoption Framework.
More info:
4.5 Azure Networks
In addition to managing Azure, you must also be able to create and manage networks in Azure. We discuss:
- What is an NSG?
- What is Azure Firewall?
- What is the DDOS protection?
- What is a Web Application Firewall?
- What is Azure Bastion?
More info:
- https://learn.microsoft.com/en-us/azure/site-recovery/concepts-network-security-group-with-site-recovery
https://learn.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview- https://learn.microsoft.com/en-us/azure/firewall/overview
- https://learn.microsoft.com/en-us/azure/web-application-firewall/overview
- https://learn.microsoft.com/en-us/azure/bastion/bastion-overview
- https://learn.microsoft.com/en-us/azure/networking/
4.6 Azure Data
In addition to managing Azure networks and resources, you also need to be able to protect data in Azure. We discuss:
- What a storage account?
- What types of encryption keys do you use?
- What is encryption at rest?
- What is Azure Key Vault?
More info:
6. Security & Microsoft Defender XDR
6.1 Introductie
Security is een belangrijk onderdeel van elk Microsoft examen. We bespreken:
- Welke concepten zullen we bestuderen?
- Wat is MS Defender?
- Wat met MS Sentinel?
Meer bronnen:
6.2 Defense in Depth
Het eerste concept is Defense in Depth. We bespreken:
- Wat is Defense in Depth
- Hoe verteel je dit naar functionaliteiten.
- Hoe is dit in de cloud t.o.v. de on-premise omgeving?
- Welke zijn alle lagen van dit model?
De bijhorende link op Learn:
6.3 CIA Triade
Wat is de CIA triade die ook buiten Microsoft gebruikt wordt? We bespreken:
- Waarvoor staat CIA?
- Wat willen deze technieken zeggen?
- Waarop moet je letten bij het beveiligen?
Meer info:
6.4 Veel voorkomende bedreigingen
- Welke zijn de veel voorkomende bedrijgingen voor een omgeving? We bespreken:
- De verschillende bedreigingen?
- Op welk onderwerp zijn deze gericht?
- Waar moet je voor opletten?
Meer info:
6.5 Encryptie en Hashing
Een meer techisch onderdeel is het encrypteren van gegevens en welke de theorie hier achter is. Zo bekijken we:
- Wat is encryptie?
- Wat is symatische encryptie?
- Wat is asymetrische encryptie?
- Wat is hashing?
- Wat is encryptie at rest of at transit?
Meer info:
6.6 Zero Trust
Het meest gebruikte concept bij microsoft is Zero Trust. We bespreken:
- Wat is Zero Trust
- Wat is verify explicitly?
- Wat is zero trust in de praktijk?
- Hoe zien we dit binnen Microsoft technologie?
Meer info:
6.7 Zero trust model en MS Defender
Vanuit Zero Trust pijlers maak je snel de overstap naar MS Defender. We behandelen:
- Welk is het systeem met signalen?
- Welke MS Defenders bestaan er?
- Wat kan je allemaal in MS Defender?
- Wat is die Sentinel?
Meer info:
6.8 Data labels
Nog een kleine uitbreiding die hierbij hoort is het classificeren en labelen van Data.
Meer info:
MS Purview (Compliance manager)
6.1 MS Compliance
After all the chunk of Security and Identity, Compliance also remains. Many organizations have not yet addressed this and are losing a lot of money on lost information as a result.
- How correctly does our organization operate according to legislation
- Are our policies being followed properly?
- What information do we process?
- What actions do employees take?
We examine the Compliance Manager.
7.2 Types data compliance
Microsoft hanteert drie typen data compliance. We behandelen:
- Wat is data residency?
- Wat is data sovereignity
- Wat is data privacy?
Meer info:
7.3 Microsoft Security Principles
Microsoft hanteert de security principles. We behandelen:
- Welke zijn de principes?
- Wat betekenen deze principes?
- Hoe past dit bij de GDPR wetgeving?
Meer info:
7.4 MS Service Trust Portal
Wat is het Microsoft Service Trust center?
Welke documenten kan je hier vinden?
Meer info:
6.2 Compliance Center / Purview
We are further exploring how compliance centers are structured and what components are in here.
- What compliance components are there?
- What compliance score do we have?
- What compliance score do we have?
- How do I log legal obligations?
More info:
Describing the use and benefits of the compliance score – Training | Microsoft Learn
6.3 MS Purview DEMO
Now that you understand what compliance is and what you all want to investigate, let’s look into the interfaces themselves.
6.4 Audits
You want to schedule surveys to be conducted. Therefore, we review:
- What levels of audits exist?
- Which livences provide which tools?
- How do you conduct an audit?
6.5 Labels
One aof the first Compliancy policies you want to implement are labels. That way you can track information and use it in reports and policies.
- Sensitivity labels
- Save labels
More info:
Describing compliance portal data classification capabilities – Training | Microsoft Learn
Describing retention policies and retention labels – Training | Microsoft Learn
Microsoft Defender & MS Intune
5.1 Introduction
You have already been introduced to MS Sentinel and want this technology integrated into M365? But maybe not quite as strong?
Therefore, we examine the Microsoft Defender suite.
But you also want to manage computers?
Then you need to discover MS Intune.
In this chapter, we will learn about both products
5.2 MS Defender
Defender is THE security solution you want to use. We explore what components MS Defender all has and what an XDR solution is.
More info:
5.3 EDR, XRD, SIEM, SOAR?
Still, let’s get everything straight. Now what is this SIEM? SOAR? EDR and XDR? A brief explanation.
5.4 MS Defender DEMO
What does this Defender portal look like?
What can you do with it?
What is an Alert and what is an Incident?
Measurements, calculated columns and extras
You have now processed all the information and have a view of the Security and Compliancy capabilities in the Microsoft ecosystem.
Prepare for your exam:
- Trial Exam MS Learn
- Learning Pathways MS Learn
- Youtube videos
- Sample exam questions
SC-900 EXAM
Then contact us at [email protected] to take and schedule your exam.
There are prizes especially for education and also promotions with free exam vouchers.
We can do this at your own school for the entire class or remotely for a few individuals.
You always need an account on certiport.com to take an exam.