SC-900: Microsoft Security, Compliance, and Identity Fundamentals

Video description

Identity is the new perimeter. Application developers and infrastructure teams must focus on identity and the security tools that revolve around it to protect the state of identity. This course covers various aspects of identity and security methodologies used to protect it.

This course begins with the concepts of security, compliance, and identity. You’ll look at security methodologies, security concepts, and Microsoft Security and compliance principles. You’ll learn the concepts of zero trust methodology, shared responsibility model, and defense in depth.

After that, you’ll cover Microsoft Identity and Access Management Solutions. You’ll look at identity principles and concepts; basic identity and identity types; authentication, access management, and identity protection; and governance capabilities of Azure Active Directory.

Next up is Microsoft Security Solutions. This includes basic security capabilities and security management capabilities of Azure and Azure Sentinel, Microsoft 365 Defender, Intune, and Microsoft 365.

Finally, you’ll look at Microsoft Compliance Solutions. You’ll look at compliance management capabilities generally, then have a look at the capabilities in Microsoft 365 of information protection and governance, inside risk, eDiscovery, and audit.

By the end of this course, you will get hands-on knowledge to pass the Microsoft SC 900 exam.

What You Will Learn

  • Learn the concepts of security, compliance, and identity
  • Explore Microsoft Identity and Access Management Solution
  • Identify the capabilities of Microsoft Security solutions
  • Identify the capabilities of Microsoft Compliance solutions
  • Check the concepts of zero trust methodology
  • Look at the capabilities in Microsoft 365


This course is for a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.

Individuals looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services can also benefit from this course.

Basic knowledge of security, compliance, and identity, and familiarity with Microsoft Azure and Microsoft 365 will be required.

Concepts of Azure Active Directory would be helpful but not mandatory.

About The Author

Anand Rao Nednur: Anand Rao Nednur is a senior technical instructor and cloud consultant. He has worked with large enterprises for about 15 years and has a wide range of technologies in his portfolio. Anand is adept at not just cloud platforms (Azure, AWS, and GCP) but is also well-versed with IAM, security, and automation with PowerShell and Python.

In addition, he has been developing and updating the content for various courses. He has been assisting many engineers in lab examinations and securing certifications.

Anand is also a certified seasoned professional holding several certifications and has delivered instructor-led training in several states in India as well as several countries such as the USA, Bahrain, Kenya, and UAE. He has worked as a Microsoft-certified trainer globally for major corporate clients.

Publisher resources

Download Example Code

Table of contents

  1. Chapter 1 : Introduction to the Course
    1. Course Introduction
  2. Chapter 2 : Module 1 - Describe the Concepts of Security, Compliance, and Identity
    1. Security Concepts and Methodologies - Introduction
    2. Zero Trust - Guidelines
    3. Zero Trust – Six Foundational Pillars
    4. The Shared Responsibility Models
    5. Defense in Depth Strategy
    6. The CIA Triad
    7. Describe Common Threats
    8. Describe Encryption, Hashing, and Signing - I
    9. Describe Encryption, Hashing, and Signing – II
    10. Summary
    11. Microsoft Security and Compliance principles - Introduction
    12. Microsoft's Privacy Principles
    13. What is Service Trust Portal
    14. Azure Compliance Documentation
    15. Module 1: Section Summary
  3. Chapter 3 : Module 2 - Describe the Concepts and Capabilities of Microsoft Identity and Access
    1. Describe Identity Concepts - Introduction
    2. Common Identity Attacks
    3. Identity as a Security perimeter
    4. Four Pillars of Identity
    5. Modern Authentication and the Role of Identity Provider
    6. SSO and the Concept of Federation
    7. The Concept of Directory Services and Active Directory
    8. Describe the Basic Services and Identity Types – Introduction
    9. Describe Azure Active Directory
    10. Azure AD Editions
    11. Describe the Azure AD Identity types
    12. Difference between System Assigned and User Assigned Managed Identity
    13. Describe the Types of External Identities
    14. Describe the Concept of Hybrid Identities
    15. Describe the Authentication Capabilities of Azure – Introduction
    16. Describe the Different Authentication Methods
    17. Security Defaults and MFA
    18. MFA in Azure AD - Part 1
    19. Video 3.2: MFA in Azure AD - Part 2
    20. Windows Hello
    21. Why is Windows Hello Safer than a Password
    22. Self-Service Password Reset in Azure AD
    23. Password Protection and Management Capabilities of Azure AD
    24. Protecting against Password Spray
    25. Hybrid security
    26. Describe the Access Management Capabilities of Azure AD
    27. Conditional Access in Azure AD
    28. Conditional Access in Azure AD – II
    29. Conditional Access in Azure AD – III
    30. Azure AD Roles and Custom Roles
    31. Summary
    32. Describe the Identity Protection and Governance Capabilities of Azure AD
    33. What is Identity Governance
    34. What is Identity Lifecycle
    35. Access Lifecycle
    36. Privileged Access lifecycle
    37. What is Entitlement Management
    38. Azure AD Access Reviews
    39. Azure AD Terms of Use
    40. Capabilities of Privileged Identity Management
  4. Chapter 4 : Module 3 - Describe the Capabilities of Microsoft Security Solutions
    1. Module Introduction
    2. Network Security Groups
    3. Inbound and Outbound Security Rules
    4. What is DDOS
    5. Azure DDOS Protection Plans and Pricing
    6. Azure Firewall
    7. Azure Bastion Host
    8. Web Application Firewall
    9. Azure Encryption
    10. Azure Key Vault
    11. Lesson Summary
    12. Cloud Security Posture Management
    13. Azure Security Center
    14. Azure Security Center – Features
    15. Azure Security Center - Security Score
    16. Azure Defender
    17. Azure Security Benchmark
    18. Azure Security Center - Pricing Tier
    19. Summary
    20. Describe the Security Capabilities of Azure Sentinel
    21. Define the Concepts of SIEM, SOAR, and XDR
    22. Azure Sentinel
    23. Azure Sentinel Features
    24. Azure Sentinel – Pricing
    25. Summary
    26. Describe the Threat Protection Capabilities of Microsoft 365 – Introduction
    27. Microsoft 365 Defender Services – Introduction
    28. Microsoft Defender for Identity
    29. Microsoft Defender for O365
    30. Microsoft Defender for Endpoint
    31. What is CASB
    32. The Cloud App Security Framework
    33. Microsoft Cloud App Security Architecture
    34. O365 Cloud App Security and Azure AD Cloud App Discovery
    35. Summary
    36. Security Management Capabilities of M365 – Introduction
    37. Microsoft 365 Security Center – Introduction
    38. How to Use Microsoft Secure Score
    39. Differences Between Azure and Microsoft Secure Score
    40. Managing Incidents
    41. Summary
    42. Describe Endpoint Security with Microsoft Intune – Introduction
    43. What is Intune
    44. MDM and MAM
    45. Endpoint Security with Intune
    46. Summary
  5. Chapter 5 : Module 4 - Describe the Capabilities of Microsoft Compliance Solutions
    1. Module introduction
    2. Common Compliance Needs
    3. Common Compliance Regulations
    4. Compliance Center
    5. What is Compliance Manager
    6. What are Controls
    7. What are Assessments
    8. Understand Compliance score
    9. Summary
    10. The Information Protection and Governance Capabilities of Microsoft 365
    11. Know Your Data, Protect Your Data, and Govern Your Data
    12. Data Classification Capabilities of Compliance Center
    13. Content Explorer and Activity Explorer
    14. Sensitivity Labels
    15. Label Policies
    16. Data Loss Prevention
    17. Data Loss Prevention on Endpoints and Teams
    18. Retention Polices and Retention Labels
    19. Records Management
    20. Summary
    21. The Insider Risk Capabilities in Microsoft – Introduction
    22. Insider Risk Management
    23. Insider Risk Management Workflow
    24. Communications Compliance
    25. Information Barriers in Microsoft Teams
    26. Privileged Access Management
    27. Customer Lockbox
    28. Summary
    29. eDiscovery Capabilities of Microsoft M365 – Introduction
    30. The Purpose of eDiscovery
    31. The Capabilities of the Content Search
    32. The Core eDiscovery Workflow
    33. The Advanced eDiscovery Workflow
    34. Summary
    35. The Audit Capabilities of Microsoft 365 - Introduction
    36. The Core Audit Capabilities of M365
    37. What are the Advanced Auditing Capabilities
    38. High Bandwidth for Office 365 API Activities
    39. Summary
    40. Describe the Resource Governance Capabilities - Introduction
    41. Resource Manager – Locks
    42. What is Azure Blueprint
    43. What is Azure Policy
    44. Difference between Azure Policy and RBAC
    45. Cloud Adoption Framework

Product information

  • Title: SC-900: Microsoft Security, Compliance, and Identity Fundamentals
  • Author(s): Anand Rao Nednur
  • Release date: October 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781803236445