SC-900: MS Fundamentals

Welcome to the SC-900 Fundamentals

This certification course prepares you to obtain the Microsoft Certified Security, Compliance and Identity fundamentals. Throughout the 7 modules you will cover all the content and see examples of the knowledge.

With this course, you also get access to a textbook, presentation and sample questions.

You will also see a series of links to Microsoft Learn with each video. Be sure to check out this content while studying.

The videos add up to 4 hours of viewing and listening material.

Introduction

1.1 Introduction course

Welcome to the SC-900 course. In this video, we look at:

  • What is the SC-900 exam.
  • Why take a certification exam.
  • What topics are covered in the course
  • Where do you find all the material?
  • What prior knowledge should you have?

Sources:

1.2 Microsoft SC-900 exam

How to prepare yourself for the exam:

  • What is this SC-300 exam
  • Where can you find a mock exam?
  • What topics are covered?
  • How to take an exam.

Concepts of security

2.1 Introduction

The first chapter is a theoretical section in which we will discuss the different concepts of security. We discuss:

  • What is the content of this chapter

2.2 Defense in Depth

The first concept is Defense in Depth. We discuss:

  • What is Defense in Depth
  • How do you translate this to functionalities.
  • How is this in the cloud versus the on-premise environment?
  • Which are all the layers of this model?

The accompanying link on Learn:

2.3 CIA Triad

What is the CIA triad that is also used outside Microsoft? We discuss:

  • What does CIA stand for?
  • What do these techniques mean?
  • What should you pay attention to when securing?

More info:

2.4 Common threats

  • What are the common threats to an environment? We discuss:
  • The various threats?
  • What topic are these focused on?
  • What do you need to watch out for?

More info:

2.5 Zero Trust

The most commonly used concept at microsoft is Zero Trust. We discuss:

  • What is Zero Trust
  • What is verify explicitly?
  • What is zero trust in practice?
  • How do we see this within Microsoft technology?

More info:

2.6 Encryption and Hashing

A more technical part is encrypting data and what the theory behind this is. This is how we view:

  • What is encryption?
  • What is symmetric encryption?
  • What is asymmetric encryption?
  • What is hashing?
  • What is encryption at rest or at transit?

More info:

2.7 Shared Responsibility

Another concept is Shared Responisbility. We cover:

  • What is On_premise, IAAS? SAAS, PAAS?
  • Who is responsible for what?
  • What is Shared Responsibility?

More info:

2.8 Security Principles

Microsoft follows security principles. We cover:

  • What are the principles?
  • What do these principles mean?
  • How does this fit with GDPR legislation?

More info:

2.9 Microsoft Priva

Microsoft Priva is a Privacy Center. It is a fairly new addition to the suite and replaces components from the Compliance and GDPR compliance center. We review:

  • What is Microsoft Priva?
  • Discovering risk management
  • GDPR requests follow up
  • Central permission management

More info:

2.10 Microsoft Service Trust

What is the Microsoft Service Trust center?

What documents can you find here?

More info:

MS Entra & the 3/4 A's

3.1 Introduction

Identity is one of the titles of your exam. So this is a very important part. We cover in this video:

  • What will we learn this module?
  • Which are the 4 A’s?

3.2 Entra ID

Entra is the beating heart of all of the cloud. All identities and authentications come through this. So this is something we need to investigate carefully:

  • What is Entra?
  • What is AD, AAD, AADDS?
  • What is managed in Entra?
  • What hybrid options are available?
  • What is Azure B2B?
  • What is Azure B2C?

More info:

3.3 Authentication

We need to discuss Authentication:

  • How can you authenticate?
  • What is Multi-Factor authentication?
  • What is secure authentication?

More info:

3.4 Identity Protection

Identity is the most important link in our beveiigation policy. Therefore, we also need to give them extra protection.

We discuss:

  • Azure AD (Entra) Identity Protection
  • Risk Assignments
  • The three levels of Entra ID.

More info:

3.5 MS Entra demo

After theory comes practice. We discuss:

  • Azure AD (Entra) Identity rotection
  • Dynamic groups
  • Assign licenses and Apps to groups
  • Detecting risky users
  • Hybrid set-up check.
  • Multi-Factor setting in the three ways.

3.6 PIM Management

A final module of Entra ID is about PIM Management. We discuss:

  • What is PIM Management?
  • Why Just-In-Time?
  • What does an Access Package look like in practice?

More info:

Microsoft Azure

4.1 Introduction

What is the cloud? What is Azure?

And what are we going to look at in this chapter?

4.3 ARM & Blueprints

There are also configuration templates you can create in Azure. This is necessary to obtain scalability. We discuss:

  • What is an ARM Template?
  • What is a Blueprint?
  • What are the properties of each?

More info:

4.4 Cloud Adoption Framework

What are the steps to move to the MS Cloud? What frameworks or guides exist? You will learn this in the CLoud Adoption Framework.

More info:

4.6 Azure Data

In addition to managing Azure networks and resources, you also need to be able to protect data in Azure. We discuss:

  • What a storage account?
  • What types of encryption keys do you use?
  • What is encryption at rest?
  • What is Azure Key Vault?

More info:

4.7 Azure Security Center

Security of Azure should also be monitored centrally. Therefore, a platform was created that groups all Security alerts. We discuss:

  • What MS Azure Security Center?
  • What actions can you perform here?
  • What about your security score?
  • How does this compare to Microsoft Defender for Cloud?

More info:

4.8 MS Sentinel

In addition to security centers of various products, there is also a SIEM and SOAR solution. We discuss:

  • What is MS Sentinel?
  • What is MS Sentinel based on?
  • What about connectors?
  • What are playbooks and workbooks?

More info:

4.9 Azure demo

Now that we have learned a lot about MS Azure, it is very useful to take a moment to explore the interface itself.

This is not knowledge required for the exam but can help make it visually pre-counted and easier to remember.

Microsoft Defender & MS Intune

5.1 Introduction

You have already been introduced to MS Sentinel and want this technology integrated into M365? But maybe not quite as strong?

Therefore, we examine the Microsoft Defender suite.

But you also want to manage computers?
Then you need to discover MS Intune.

In this chapter, we will learn about both products

5.2 MS Defender

Defender is THE security solution you want to use. We explore what components MS Defender all has and what an XDR solution is.

More info:

5.3 EDR, XRD, SIEM, SOAR?

Still, let’s get everything straight. Now what is this SIEM? SOAR? EDR and XDR? A brief explanation.

5.4 MS Defender DEMO

What does this Defender portal look like?

What can you do with it?

What is an Alert and what is an Incident?

5.5 MS Intune

Managing endpoints is a multi-hour course in itself. You need to study MS Entra and MS Intune. But this is a Fundamentals course so now we will limit ourselves to some concepts.

  • What is MS Intune?
  • What are policies?
  • What about Apps and Updates?

More info:

https://learn.microsoft.com/nl-nl/training/modules/intro-to-endpoint-manager

5.6 MS Intune DEMO

Theory remains theory. Therefore, a demo now:

  • What does such a platform look like?
  • How do you create a policy?
  • How do you distribute settings?

MS Purview (Compliance manager)

6.1 MS Compliance

After all the chunk of Security and Identity, Compliance also remains. Many organizations have not yet addressed this and are losing a lot of money on lost information as a result.

  • How correctly does our organization operate according to legislation
  • Are our policies being followed properly?
  • What information do we process?
  • What actions do employees take?

We examine the Compliance Manager.

6.2 Compliance Center / Purview

We are further exploring how compliance centers are structured and what components are in here.

  • What compliance components are there?
  • What compliance score do we have?
  • What compliance score do we have?
  • How do I log legal obligations?

More info:

Describing the use and benefits of the compliance score – Training | Microsoft Learn

6.3 MS Purview DEMO

Now that you understand what compliance is and what you all want to investigate, let’s look into the interfaces themselves.

6.4 Audits

You want to schedule surveys to be conducted. Therefore, we review:

  • What levels of audits exist?
  • Which livences provide which tools?
  • How do you conduct an audit?

6.5 Labels

One aof the first Compliancy policies you want to implement are labels. That way you can track information and use it in reports and policies.

  • Sensitivity labels
  • Save labels

More info:

Describing compliance portal data classification capabilities – Training | Microsoft Learn

Describing retention policies and retention labels – Training | Microsoft Learn

6.6 Barriers, eDiscovery and Lockbox

Three latest technologies or techniques we are exploring:

  • Information Barriers
  • eDiscovery
  • Customer Lockbox

More info:

Describing the eDiscovery solutions in Microsoft Purview – Training | Microsoft Learn

Measurements, calculated columns and extras

7 Exam preparation

You have now processed all the information and have a view of the Security and Compliancy capabilities in the Microsoft ecosystem.

Prepare for your exam:

All done? Then contact us at [email protected] to take and schedule your exam. There are prices specifically for education and we can do this at your own school for the whole class or remotely for a few individuals.

SC-900 EXAM