SC-900: MS Fundamentals
Welcome to the SC-900 Fundamentals
This certification course prepares you to obtain the Microsoft Certified Security, Compliance and Identity fundamentals. Throughout the 7 modules you will cover all the content and see examples of the knowledge.
With this course, you also get access to a textbook, presentation and sample questions.
You will also see a series of links to Microsoft Learn with each video. Be sure to check out this content while studying.
The videos add up to 4 hours of viewing and listening material.
Introduction
1.1 Introduction course
Welcome to the SC-900 course. In this video, we look at:
- What is the SC-900 exam.
- Why take a certification exam.
- What topics are covered in the course
- Where do you find all the material?
- What prior knowledge should you have?
Sources:
1.2 Microsoft SC-900 exam
How to prepare yourself for the exam:
- What is this SC-300 exam
- Where can you find a mock exam?
- What topics are covered?
- How to take an exam.
Concepts of security
2.1 Introduction
The first chapter is a theoretical section in which we will discuss the different concepts of security. We discuss:
- What is the content of this chapter
2.2 Defense in Depth
The first concept is Defense in Depth. We discuss:
- What is Defense in Depth
- How do you translate this to functionalities.
- How is this in the cloud versus the on-premise environment?
- Which are all the layers of this model?
The accompanying link on Learn:
2.3 CIA Triad
What is the CIA triad that is also used outside Microsoft? We discuss:
- What does CIA stand for?
- What do these techniques mean?
- What should you pay attention to when securing?
More info:
2.4 Common threats
- What are the common threats to an environment? We discuss:
- The various threats?
- What topic are these focused on?
- What do you need to watch out for?
More info:
2.5 Zero Trust
The most commonly used concept at microsoft is Zero Trust. We discuss:
- What is Zero Trust
- What is verify explicitly?
- What is zero trust in practice?
- How do we see this within Microsoft technology?
More info:
2.6 Encryption and Hashing
A more technical part is encrypting data and what the theory behind this is. This is how we view:
- What is encryption?
- What is symmetric encryption?
- What is asymmetric encryption?
- What is hashing?
- What is encryption at rest or at transit?
More info:
2.7 Shared Responsibility
Another concept is Shared Responisbility. We cover:
- What is On_premise, IAAS? SAAS, PAAS?
- Who is responsible for what?
- What is Shared Responsibility?
More info:
2.8 Security Principles
Microsoft follows security principles. We cover:
- What are the principles?
- What do these principles mean?
- How does this fit with GDPR legislation?
More info:
2.9 Microsoft Priva
Microsoft Priva is a Privacy Center. It is a fairly new addition to the suite and replaces components from the Compliance and GDPR compliance center. We review:
- What is Microsoft Priva?
- Discovering risk management
- GDPR requests follow up
- Central permission management
More info:
2.10 Microsoft Service Trust
What is the Microsoft Service Trust center?
What documents can you find here?
More info:
MS Entra & the 3/4 A's
3.1 Introduction
Identity is one of the titles of your exam. So this is a very important part. We cover in this video:
- What will we learn this module?
- Which are the 4 A’s?
3.2 Entra ID
Entra is the beating heart of all of the cloud. All identities and authentications come through this. So this is something we need to investigate carefully:
- What is Entra?
- What is AD, AAD, AADDS?
- What is managed in Entra?
- What hybrid options are available?
- What is Azure B2B?
- What is Azure B2C?
More info:
3.3 Authentication
We need to discuss Authentication:
- How can you authenticate?
- What is Multi-Factor authentication?
- What is secure authentication?
More info:
3.4 Identity Protection
Identity is the most important link in our beveiigation policy. Therefore, we also need to give them extra protection.
We discuss:
- Azure AD (Entra) Identity Protection
- Risk Assignments
- The three levels of Entra ID.
More info:
3.5 MS Entra demo
After theory comes practice. We discuss:
- Azure AD (Entra) Identity rotection
- Dynamic groups
- Assign licenses and Apps to groups
- Detecting risky users
- Hybrid set-up check.
- Multi-Factor setting in the three ways.
3.6 PIM Management
A final module of Entra ID is about PIM Management. We discuss:
- What is PIM Management?
- Why Just-In-Time?
- What does an Access Package look like in practice?
More info:
Microsoft Azure
4.1 Introduction
What is the cloud? What is Azure?
And what are we going to look at in this chapter?
4.2 Azure Management structure
Within azure, there are a lot of words to learn and a lot of technology. We cover:
- What is a Management group?
- What is a subscription?
- What is a resource group?
- What do you set? What about Locks?
More info:
- https://learn.microsoft.com/en-us/training/modules/describe-core-architectural-components-of-azure/3-get-started-azure-accounts
- https://learn.microsoft.com/en-us/training/modules/describe-azure-identity-access-security/6-role-based-access-control
- https://learn.microsoft.com/en-us/training/modules/describe-features-tools-azure-for-governance-compliance/4-describe-purpose-of-resource-locks
4.3 ARM & Blueprints
There are also configuration templates you can create in Azure. This is necessary to obtain scalability. We discuss:
- What is an ARM Template?
- What is a Blueprint?
- What are the properties of each?
More info:
4.4 Cloud Adoption Framework
What are the steps to move to the MS Cloud? What frameworks or guides exist? You will learn this in the CLoud Adoption Framework.
More info:
4.5 Azure Networks
In addition to managing Azure, you must also be able to create and manage networks in Azure. We discuss:
- What is an NSG?
- What is Azure Firewall?
- What is the DDOS protection?
- What is a Web Application Firewall?
- What is Azure Bastion?
More info:
- https://learn.microsoft.com/en-us/azure/site-recovery/concepts-network-security-group-with-site-recovery
https://learn.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview- https://learn.microsoft.com/en-us/azure/firewall/overview
- https://learn.microsoft.com/en-us/azure/web-application-firewall/overview
- https://learn.microsoft.com/en-us/azure/bastion/bastion-overview
- https://learn.microsoft.com/en-us/azure/networking/
4.6 Azure Data
In addition to managing Azure networks and resources, you also need to be able to protect data in Azure. We discuss:
- What a storage account?
- What types of encryption keys do you use?
- What is encryption at rest?
- What is Azure Key Vault?
More info:
4.7 Azure Security Center
Security of Azure should also be monitored centrally. Therefore, a platform was created that groups all Security alerts. We discuss:
- What MS Azure Security Center?
- What actions can you perform here?
- What about your security score?
- How does this compare to Microsoft Defender for Cloud?
More info:
4.8 MS Sentinel
In addition to security centers of various products, there is also a SIEM and SOAR solution. We discuss:
- What is MS Sentinel?
- What is MS Sentinel based on?
- What about connectors?
- What are playbooks and workbooks?
More info:
- What is Microsoft Sentinel? | Microsoft Learn
4.9 Azure demo
Now that we have learned a lot about MS Azure, it is very useful to take a moment to explore the interface itself.
This is not knowledge required for the exam but can help make it visually pre-counted and easier to remember.
Microsoft Defender & MS Intune
5.1 Introduction
You have already been introduced to MS Sentinel and want this technology integrated into M365? But maybe not quite as strong?
Therefore, we examine the Microsoft Defender suite.
But you also want to manage computers?
Then you need to discover MS Intune.
In this chapter, we will learn about both products
5.2 MS Defender
Defender is THE security solution you want to use. We explore what components MS Defender all has and what an XDR solution is.
More info:
5.3 EDR, XRD, SIEM, SOAR?
Still, let’s get everything straight. Now what is this SIEM? SOAR? EDR and XDR? A brief explanation.
5.4 MS Defender DEMO
What does this Defender portal look like?
What can you do with it?
What is an Alert and what is an Incident?
5.5 MS Intune
Managing endpoints is a multi-hour course in itself. You need to study MS Entra and MS Intune. But this is a Fundamentals course so now we will limit ourselves to some concepts.
- What is MS Intune?
- What are policies?
- What about Apps and Updates?
More info:
https://learn.microsoft.com/nl-nl/training/modules/intro-to-endpoint-manager
5.6 MS Intune DEMO
Theory remains theory. Therefore, a demo now:
- What does such a platform look like?
- How do you create a policy?
- How do you distribute settings?
MS Purview (Compliance manager)
6.1 MS Compliance
After all the chunk of Security and Identity, Compliance also remains. Many organizations have not yet addressed this and are losing a lot of money on lost information as a result.
- How correctly does our organization operate according to legislation
- Are our policies being followed properly?
- What information do we process?
- What actions do employees take?
We examine the Compliance Manager.
6.2 Compliance Center / Purview
We are further exploring how compliance centers are structured and what components are in here.
- What compliance components are there?
- What compliance score do we have?
- What compliance score do we have?
- How do I log legal obligations?
More info:
Describing the use and benefits of the compliance score – Training | Microsoft Learn
6.3 MS Purview DEMO
Now that you understand what compliance is and what you all want to investigate, let’s look into the interfaces themselves.
6.4 Audits
You want to schedule surveys to be conducted. Therefore, we review:
- What levels of audits exist?
- Which livences provide which tools?
- How do you conduct an audit?
6.5 Labels
One aof the first Compliancy policies you want to implement are labels. That way you can track information and use it in reports and policies.
- Sensitivity labels
- Save labels
More info:
Describing compliance portal data classification capabilities – Training | Microsoft Learn
Describing retention policies and retention labels – Training | Microsoft Learn
6.6 Barriers, eDiscovery and Lockbox
Three latest technologies or techniques we are exploring:
- Information Barriers
- eDiscovery
- Customer Lockbox
More info:
Describing the eDiscovery solutions in Microsoft Purview – Training | Microsoft Learn
Measurements, calculated columns and extras
7 Exam preparation
You have now processed all the information and have a view of the Security and Compliancy capabilities in the Microsoft ecosystem.
Prepare for your exam:
- Trial Exam MS Learn
- Learning Pathways MS Learn
- Youtube videos
- Sample exam questions
SC-900 EXAM
Then contact us at [email protected] to take and schedule your exam.
There are prizes especially for education and also promotions with free exam vouchers.
We can do this at your own school for the entire class or remotely for a few individuals.
You always need an account on certiport.com to take an exam.