Home Security Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By Dwayne Natwick
books-svg-icon Book
eBook $33.99 $22.99
Print $41.99 $24.99
Subscription $15.99 $10 p/m for three months
$10 p/m for first 3 months. $15.99 p/m after that. Cancel Anytime!
What do you get with a Packt Subscription?
This book & 7000+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with a Packt Subscription?
This book & 6500+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with eBook + Subscription?
Download this book in EPUB and PDF formats, plus a monthly download credit
This book & 6500+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with a Packt Subscription?
This book & 6500+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with eBook?
Download this book in EPUB and PDF formats
Access this title in our online reader
DRM FREE - Read whenever, wherever and however you want
Online reader with customised display settings for better reading experience
What do you get with video?
Download this video in MP4 format
Access this title in our online reader
DRM FREE - Watch whenever, wherever and however you want
Online reader with customised display settings for better learning experience
What do you get with video?
Stream this video
Access this title in our online reader
DRM FREE - Watch whenever, wherever and however you want
Online reader with customised display settings for better learning experience
What do you get with Audiobook?
Download a zip folder consisting of audio files (in MP3 Format) along with supplementary PDF
What do you get with Exam Trainer?
Flashcards, Mock exams, Exam Tips, Practice Questions
Access these resources with our interactive certification platform
Mobile compatible-Practice whenever, wherever, however you want
BUY NOW $10 p/m for first 3 months. $15.99 p/m after that. Cancel Anytime!
eBook $33.99 $22.99
Print $41.99 $24.99
Subscription $15.99 $10 p/m for three months
What do you get with a Packt Subscription?
This book & 7000+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with a Packt Subscription?
This book & 6500+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with eBook + Subscription?
Download this book in EPUB and PDF formats, plus a monthly download credit
This book & 6500+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with a Packt Subscription?
This book & 6500+ ebooks & video courses on 1000+ technologies
60+ curated reading lists for various learning paths
50+ new titles added every month on new and emerging tech
Early Access to eBooks as they are being written
Personalised content suggestions
Customised display settings for better reading experience
50+ new titles added every month on new and emerging tech
Playlists, Notes and Bookmarks to easily manage your learning
Mobile App with offline access
What do you get with eBook?
Download this book in EPUB and PDF formats
Access this title in our online reader
DRM FREE - Read whenever, wherever and however you want
Online reader with customised display settings for better reading experience
What do you get with video?
Download this video in MP4 format
Access this title in our online reader
DRM FREE - Watch whenever, wherever and however you want
Online reader with customised display settings for better learning experience
What do you get with video?
Stream this video
Access this title in our online reader
DRM FREE - Watch whenever, wherever and however you want
Online reader with customised display settings for better learning experience
What do you get with Audiobook?
Download a zip folder consisting of audio files (in MP3 Format) along with supplementary PDF
What do you get with Exam Trainer?
Flashcards, Mock exams, Exam Tips, Practice Questions
Access these resources with our interactive certification platform
Mobile compatible-Practice whenever, wherever, however you want
  1. Free Chapter
    Chapter 1: Preparing for Your Microsoft Exam
About this book
Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure. This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You'll then advance to compliance center, information protection, and governance in Microsoft 365. You'll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft's compliance monitoring capabilities. By the end of the book, you'll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.
Publication date:
May 2022
Publisher
Packt
Pages
404
ISBN
9781801815994

 

Chapter 1: Preparing for Your Microsoft Exam

You have decided to take the steps to get Microsoft certified. The SC-900 exam focuses on Security, Compliance, and Identity Fundamentals. This chapter will help you prepare for the Microsoft exam, along with the resources that can assist you with your learning. This will include helpful links, along with steps on how to gain access to a trial Microsoft 365 subscription and a month of free Microsoft Azure access for hands-on practice.

Once you have completed this chapter, you will become familiar with the tools that enable you to know what is needed to prepare for the exam, follow this book, and begin your journey within a security, compliance, and/or identity role.

In this chapter, we're going to cover the following main topics:

  • Preparing for the Microsoft exam
  • Resources available and accessing Microsoft Learn
  • Creating a Microsoft 365 trial subscription
  • Setting up a free month of Azure services
  • Exam objectives
  • Who should take the SC-900 exam?
 

Technical requirements

To follow along and complete the exercises within this book, you will need to have access to security, compliance, and identity services within Microsoft 365 and Azure. This can be accomplished by getting a trial subscription for Microsoft 365 and a free month of Azure. Advanced security services will also require an Enterprise + Mobility license. The steps to set up these licenses will be covered later in this chapter.

 

Preparing for the Microsoft exam

There are multiple aspects of preparing for the Microsoft exam. These include the resources available to prepare for the exam, the ability to access a subscription for hands-on learning, and how you are going to take your exam. If this is your first Microsoft exam, understanding the format that most of these exams will follow is important.

Let's take a closer look at each of these areas.

Resources to prepare for the exam

There are many resources available that can help you prepare for most Microsoft exams. This includes pre-recorded content from learning companies, live courses from Microsoft Learning Partners, and content that's been posted by the community and Microsoft blog articles. Each of these resources is helpful, but the pre-recorded content and live courses will come at a price. This may not be within your budget. Community and Microsoft blog articles generally provide a level of direction regarding where you need to go for each topic, but they do not get into specifics.

One of the best resources is Microsoft itself. Microsoft provides detailed documentation about each of their services via Microsoft Docs, which allows you to search freely and find the information that you need. This information is publicly available and free. Microsoft Docs is tied very closely to Microsoft Learn's content, which will be discussed later in this chapter.

To access and search Microsoft Docs, simply go to https://docs.microsoft.com.

Access to a subscription

When preparing for the Microsoft exam, it is highly recommended that you have had some level of hands-on experience with the services within the objectives. For fundamental-level exams, with the SC-900 being a fundamental-level exam, hands-on experience is extremely helpful in reinforcing your understanding. Microsoft courses have a GitHub repository for labs that are recommended and available to the public.

The lab guides can be found at this link: http://www.microsoft.com/learning.

Microsoft offers trial subscriptions for both Azure and Microsoft 365. The process of creating these trials will be covered later in this chapter.

Where to take the exam

Part of the preparation process of taking the exam includes where you are going to take it. Traditionally, there has only been the option to take these exams at a proctored exam site. Some may prefer this method because it is a controlled environment. Understanding the location and setup of the site can help lower your level of stress on the day of the exam. Making a trip to the site before your exam date can avoid any potential surprises on the day.

When the role-based exams became available, Microsoft provided an additional option of taking the exam remotely from your home or office by using a remote proctor. This may be your preferred option if you are more comfortable using your own equipment and environment. If you do not have this choice when scheduling your exam, then this option has not been made available to your region. If it is available, you will see options similar to the following:

Figure 1.1 – Selecting a location when scheduling the exam

Figure 1.1 – Selecting a location when scheduling the exam

There are some important steps to prepare for the remote proctor. From an equipment standpoint, you must have a device with a webcam, microphone, and speakers. You can only use one monitor, so ensure that you have a high resolution to avoid any issues when viewing the exam. It is highly recommended that you test your equipment before the day of the exam to avoid any issues with anti-malware software.

The location that you are going to take the exam in must be cleared of any papers, books, pens, and pencils. It must also be a quiet environment where no one will enter while you are taking the exam. You will be required to photograph the location and surrounding area when checking in. Valid identification is required as well. During the exam, you must remain within the view of the camera. This may feel intrusive and may not be a manner that is comfortable for some, but others may prefer being within their own environment.

Exam format

Microsoft exams are typically made up of 4-6 question types. These are case studies, multiple-choice, drag and drop, true/false, drop-down fill-in, and best answer scenarios. Let's provide some additional details about what each of these means, as follows:

  • Case study questions provide a hypothetical company setting within the current environment, proposed future environment, and the technical and business requirements. From this scenario, 6-8 questions are asked that may cover multiple objective areas of the exam. In most associate-level exams, you could see 1-3 of these case studies.
  • Multiple-choice questions are straightforward questions. Some multiple-choice questions may have more than one answer. Microsoft is generally transparent on how many correct answers need to be chosen for the question, and you will be alerted if you do not choose the correct number of selections.
  • Drag-and-drop questions are usually based on the steps of a process to test your knowledge of the order of operations to deploy a service. You are given more selections than needed and need to move the steps that apply to the question to the right-hand column in the proper sequence.
  • The next type of question is a modified type of true/false question. In these questions, you are usually provided with some exhibits or screenshots from within the Microsoft portals or tables that show what has been configured. There are then 3-4 statements about this information, where you need to select yes or no for each statement based on whether the statement is correct based on the information provided.
  • Drop-down fill-in questions are usually where you will find PowerShell or Azure CLI code. You will be asked to complete certain steps within a string of code where the blank sections provide drop-down selections to choose from.
  • The best answer scenario questions test your understanding of an objective area. Microsoft will warn you when you get to this section as you will no longer have the option to navigate back to the other questions. You will be provided a specific scenario that needs to be solved, along with a proposed solution. The requirement is to determine whether that solution is the best solution to solve the scenario at hand. After selecting yes or no, you may see the same scenario again with a different solution, where you must select yes or no again.

Each of these exam question types tests your level of understanding in different ways, and all of them are weighted against the exam objectives, which will be discussed later in this chapter.

With that, we have covered how to determine an exam's location and the types of questions that you may expect. The next few sections will cover the resources that will help you learn about the topics within the exam, as well as how to gain access to the solutions so that you can follow along with the exercises in this guide.

 

Resources available and accessing Microsoft Learn

Earlier in this chapter, some of the resources that are available for preparing for the exam were mentioned. Microsoft Learn was mentioned, along with Microsoft Docs, but Microsoft Learn requires its own section due to the amount of free content that it provides to help you prepare for the exam.

Accessing Microsoft Learn

Microsoft Learn is a great resource to get your learning path started. All the content on Microsoft Learn is free. When you create an account on Microsoft, your learning progress is tracked and you can acquire badges along the way. In addition, Microsoft creates learning challenges periodically with prizes, such as free exam vouchers. Creating a free account can be done by selecting the icon at the top right of the page and selecting Sign in, as shown in the following screenshot:

Figure 1.2 – Microsoft Learn site profile – Sign in

Figure 1.2 – Microsoft Learn site profile – Sign in

You can sign in with an existing Microsoft account or create one to get started, as indicated here:

Figure 1.3 – Create or sign in to a Microsoft account

Figure 1.3 – Create or sign in to a Microsoft account

You can get to Microsoft Learn by going to the following link: https://www.microsoft.com/learn.

Finding content on Microsoft Learn

Content on Microsoft Learn can be found in various ways. You can search for specific products, roles, or certifications. These options can be found on the selection ribbon at the top of the Learn home page, as shown in the following screenshot. The home page also provides several recommendations so that you can start your learning journey:

Figure 1.4 – Learn content navigation

Figure 1.4 – Learn content navigation

From the Learn content navigation tabs, select a drop-down arrow to filter for content in the specific Products, Roles, or Certifications areas:

Figure 1.5 – Filter categories under the Products drop-down menu

Figure 1.5 – Filter categories under the Products drop-down menu

Once you have selected an area of interest, or simply chosen Browse all paths, you can search for specific topics and filter for individual courses or learning paths, as shown in the following screenshot:

Figure 1.6 – Browse all content in Microsoft Learn

Figure 1.6 – Browse all content in Microsoft Learn

This section has shown you how to access Microsoft Learn and browse for modules and learning paths. The next section will assist you in finding content specific to the SC-900 exam.

Exam pages on Microsoft Learn

Another common area within Microsoft Learn is the exam pages. For any exam provided by Microsoft, there is an exam page and a certification page that is located within Microsoft Learn. These pages provide an overview of the exam or certification, the roles of individuals that may be interested in the exam, the objective areas for the exam, scheduling the exam, and the Microsoft Learn learning path to prepare for the exam. These pages are extremely helpful when you are preparing for an exam rather than just learning to gain general technical knowledge. The following screenshot shows us searching for the SC-900 exam, where you can see sc-900 being typed in the search box:

Figure 1.7 – Browse for the SC-900 exam

Figure 1.7 – Browse for the SC-900 exam

The following screenshot shows the exam page for the SC-900 exam:

Figure 1.8 – SC-900 exam page

Figure 1.8 – SC-900 exam page

As you continue to prepare for the SC-900 exam, it is recommended that you use this exam page as a reference.

You should now have access to log in and browse the content on Microsoft Learn. The next section will show you how to sign up for a trial subscription to Microsoft 365 services and sign up for a month of free Azure services.

 

Creating a Microsoft 365 trial subscription

If you are new to Microsoft 365 and Azure, getting hands-on experience is important – not just for exam preparation, but also for professional development. If you are getting certified to open doors to new job opportunities, you must understand the administration portals and how to work within them. This book will provide some exercises that will get you familiar with how to work within Microsoft 365, advanced security and compliance solutions, and Azure Active Directory. To follow along, it is recommended that you have a subscription to Microsoft 365 and Enterprise + Mobility. The steps to create these when using a 30-day trial are provided in the following sections.

Office 365 or Microsoft 365 trial subscription

Many of the features and capabilities discussed within the exam objectives require you to have an enterprise-level license within Microsoft 365. The available enterprise licenses are the E3 and E5 licenses. Microsoft offers 30-day trial licenses for these, so as you prepare for the exam, you can create a trial subscription and be able to follow along with the exercises.

To get started, as shown in the following screenshot, navigate to https://www.microsoft.com/en-us/microsoft-365/enterprise/compare-office-365-plans and select Try for free under the Office 365 E5 plan:

Figure 1.9 – Signing up for an Office 365 trial subscription

Figure 1.9 – Signing up for an Office 365 trial subscription

Follow the steps provided to create an account, as shown in the following screenshot. If you have already created an account, you may need to use a different email address to obtain the free trial:

Figure 1.10 – Office 365 E5 subscription sign-up form

Figure 1.10 – Office 365 E5 subscription sign-up form

After completing the form and creating your Microsoft 365 tenant, you will have access to Microsoft 365's services and the administration panel. The next section will show you how to sign up for an additional add-on service that will be required to follow the exercises in this book, as well as gaining full hands-on preparation for your exam.

Enterprise Mobility + Security subscription

In addition to the Office 365 E5 trial subscription, you will need access to advanced security and compliance features, as well as an Azure Active Directory Premium license for many of the solutions and services that will be discussed within the exam objectives. The best way to obtain these features is through an Enterprise Mobility + Security E5 license. Microsoft also offers this as a 30-day free trial:

  1. To get started, navigate to this link: https://www.microsoft.com/en-us/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing.
  2. Then, select Try now under the Enterprise Mobility + Security E5 plan, as shown in the following screenshot:
Figure 1.11 – Signing up for an EMS E5 trial subscription

Figure 1.11 – Signing up for an EMS E5 trial subscription

This is an add-on license to Microsoft 365, so you should enter the same email address that you used to sign up for the Office 365 E5 subscription in the box shown in the following screenshot:

Figure 1.12 – EMS E5 subscription sign-up form

Figure 1.12 – EMS E5 subscription sign-up form

You should now have everything that you need for your hands-on exam preparation and to follow the exercises in this book. The next section will provide an overview of the objectives that will be covered in the exam and throughout this book.

Free month of Azure services

Since this exam includes security, compliance, and identity services for Microsoft 365 and Azure, it is recommended that you have access to Azure as well. Microsoft offers a free month of services from Azure. If you have not taken advantage of this offer previously, you can sign up at this link: https://azure.microsoft.com/.

Once you've done that, you can select Free account at the top right or Get started for free in the middle of the page, as shown in the following screenshot:

Figure 1.13 – Microsoft Azure sign-up page

Figure 1.13 – Microsoft Azure sign-up page

Once you have created these trial subscriptions as described, you will be ready to follow the exercises in this book. Hands-on learning is an important tool for understanding topics, so it is highly recommended that you complete the steps within this section and follow along. The next section will discuss the structure of the exam and its objectives.

 

Exam objectives

This book will cover the specific objectives of the SC-900 Microsoft Security, Compliance, and Identity Fundamentals exam. The structure of this book follows these objectives closely. However, there is an added section on monitoring and management that provides additional emphasis on furthering your career within the areas of security, compliance, and identity.

As is the case with all Microsoft exams, each objective area is weighted differently. The weight of each objective is meant to be used as a guide to help you understand the potential number of questions to expect in these areas for the exam. The objectives that are covered within the SC-900 exam are shown in the following table:

Additional details on the topics that make up these objectives can be found at this link: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Myp5.

Note that the weights do not mean that if an objective is weighted at 10%, you will only get 5 questions out of 50 on this area. Microsoft exams use a scoring scale of 1,000 based on the type of question and the objectives that are covered within the question. Many questions may have elements of multiple objectives, so they get working into percentages. The weights of the objectives can help you understand the level of importance that is being placed on the objective.

Now that you know the objective areas that are covered in this exam, you may be wondering how this exam and certification can assist in professional development and career advancement. The next section will provide some insight into the types of roles that this exam highlights.

 

Who should take the SC-900 exam?

Now that you understand more about Microsoft exams, paths to learning, and the specific areas covered in the SC-900 exam, it is important to think about the roles that someone should have or want before preparing for this exam. The SC-900 exam is the Security, Compliance, and Identity Fundamentals exam, so it covers a broad range of services and solutions for maintaining security and compliance within Microsoft 365, Azure, and hybrid infrastructures. Anyone that wishes to work with Microsoft cloud technologies will benefit from learning the objectives of this exam.

This exam will also help you obtain a role in security, compliance, or identity administration within Microsoft 365 or Azure. This exam is a starting point that helps determine your areas of interest while providing you with a rounded understanding of the broad range of security, compliance, and identity services and solutions within Microsoft's cloud technologies.

 

Summary

In this chapter, we covered the areas that will prepare you for the Security, Compliance, and Identity Fundamentals exam and the setup required to follow along with the exercises covered within this book. We also provided an overview of what to expect when taking the Microsoft exam.

The next chapter will discuss the various concepts that make up the foundation of security, compliance, and identity.

About the Author
  • Dwayne Natwick

    Dwayne Natwick is a Cloud Training Architect Lead at Opsgility, a Microsoft CSP. He has been in IT, security design, and architecture for over 30 years. His love of teaching led him to become a Microsoft Certified Trainer (MCT) Regional Lead and a Microsoft Most Valuable Professional (MVP). Dwayne has a master’s degree in Business IT from Walsh College, the CISSP from ISC2, and 18 Microsoft certifications, including Identity and Access Administrator, Azure Security Engineer, and Microsoft 365 Security Administrator. Dwayne can be found providing and sharing information on social media, industry conferences, his blog site, and his YouTube channel. Originally from Maryland, Dwayne currently resides in Michigan with his wife and three children.

    Browse publications by this author