Overview
Get started with cybersecurity with the Microsoft Certified: Security, Compliance, and Identity Fundamentals certification.
Advance your knowledge on a range of cybersecurity topics and build a foundation for advanced cybersecurity certifications that prepare you for in-demand roles in security operations, identity and access management, and information protection. Recommended for early career IT security professionals and aspiring students.
This SC-900T00: Microsoft Security, Compliance and Identity Fundamentals certification course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions and is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
Skills Covered
After completing this module, students will be able to:
- Describe basic concepts of security, compliance, and identity.
- Describe the concepts and capabilities of Microsoft identity and access management solutions.
- Describe the capabilities of Microsoft security solutions.
- Describe the compliance management capabilities in Microsoft.
Who Should Attend
The audience for this course are looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns to the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
This Microsoft Official Course prepares students for the Microsoft Certified: Security, Compliance and Identity Fundamentals certification.
The SC-900 Fundamentals exam measures your ability to describe the following: concepts of security, compliance, and identity; capabilities of Microsoft identity and access management solutions; capabilities of Microsoft security solutions; and capabilities of Microsoft compliance solutions.
Course Curriculum
Prerequisites
Before attending this course, students must have:
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Download Course Syllabus
Course Modules
Learn about common security and compliance concepts that are foundational to Microsoft solutions. Topics include the shared responsibility and Zero Trust models, encryption, data residency and data sovereignty, and more.
Learning objectives
After completing this module, you will be able to:
- Describe the shared responsibility and the defense-in-depth security models.
- Describe the Zero-Trust model.
- Describe the concepts of encryption and hashing.
- Describe some basic compliance concepts.
Learn about the key concepts of authentication and authorization and why identity is important in securing corporate resources. You’ll also learn about some identity-related services.
Learning objectives
After completing this module, you will be able to:
- Understand the difference between authentication and authorization.
- Describe the concept of identity as a security perimeter.
- Describe identity-related services.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Microsoft Entra ID is Microsoft’s cloud-based identity and access management solution that connects people to their apps, devices, and data. Learn about the functions and identity types supported by Microsoft Entra ID.
Learning objectives
By the end of this module, you’ll be able to:
- Describe the function of Microsoft Entra ID.
- Describe the types of identities Microsoft Entra ID supports.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Learn about the authentication capabilities of Microsoft Entra ID, including multifactor authentication, and how they improve security. You’ll also learn about self-service password reset (SSPR) and the password protection and management capabilities.
Learning objectives
After completing this module, you’ll be able to:
- Describe the authentication methods of Entra ID.
- Describe multifactor authentication (MFA) in Entra ID.
- Describe self-service password reset (SSPR) in Entra ID.
- Describe the password protection and management capabilities of Entra ID.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
A key function of Microsoft Entra ID is to manage access. Learn about the conditional access and how Microsoft Entra roles and role-based access control (RBAC) helps organizations manage and control access.
Learning objectives
By the end of this module, you’ll be able to:
- Describe Conditional Access in Microsoft Entra ID.
- Describe Microsoft Entra roles and role-based access control.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Learn about protecting and governing identities with Microsoft Entra ID. Learn about Permissions Management and how it enables organization to discover, remediate, and monitor permission risks across your multicloud infrastructure.
Learning objectives
By the end of this module, you’ll be able to:
- Describe the identity protection and governance capabilities of Microsoft Entra ID.
- Describe Privileged Identity Management.
- Describe Permissions Management.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Learn about capabilities Azure supports to protect your network, VMs, and your data.
Learning objectives
After completing this module, you will be able to:
- Learn how Azure security capabilities can protect the network
- Learn how Azure can protect your VMs
- Learn how to keep secrets safe with Azure Key Vault
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Learn about cloud security posture management and how Microsoft Defender for Cloud protects your cloud through secure score, recommendations, and enhanced features that provide cloud workload protection. You’ll also learn about security baselines in Azure.
Learning objectives
After completing this module, you’ll be able to:
- Describe cloud security posture management.
- Describe the capabilities of Microsoft Defender for Cloud
- Understand the Microsoft cloud security benchmark and the security baselines in Azure.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Learn about Microsoft Sentinel a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. In this module, you’ll also be introduced to Microsoft Security Copilot.
Learning objectives
After completing this module, you’ll be able to:
- Describe the security concepts for SIEM and SOAR.
- Describe how Microsoft Sentinel provides threat detection and mitigation.
- Describe Microsoft Security Copilot.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Protect against cyber threats with Microsoft 365 Defender across endpoints, identities, email, and applications.
Learning objectives
After completing this module, you’ll be able to:
- Describe the Microsoft 365 Defender service.
- Describe how Microsoft 365 Defender provides integrated protection against sophisticated attacks.
- Describe and explore Microsoft 365 Defender portal.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Microsoft runs on trust! Here you’ll explore the Service Trust Portal for content on how Microsoft delivers on our commitment of trust. You’ll also learn about Microsoft Priva, a solution to help meet privacy goals.
Learning objectives
After completing this module, you’ll be able to:
- Describe the offerings of the Service Trust Portal.
- Describe Microsoft’s Privacy principles.
- Describe Microsoft Priva.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Explore the Microsoft Purview compliance portal, the portal for organizations to manage their compliance needs. Learn about the Compliance Manager and compliance score, which can help organizations manage, simplify, and improve compliance across their organization.
Learning objectives
After completing this module, you’ll be able to:
- Describe the Microsoft Purview compliance portal.
- Describe Compliance Manager.
- Describe the use and benefits of compliance score.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Information protection and data lifecycle management in Microsoft Purview helps organizations classify, protect, and retain their data where it lives and wherever it goes. Learn about data classification capabilities, data loss prevention, and records management.
Learning objectives
After completing this module, you’ll be able to:
- Describe data classification capabilities
- Describe records management
- Describe data loss prevention
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Insider risks are a top concern for organizations. These risks can be challenging to identify and mitigate. Learn how Microsoft Purview enables organizations to identify, analyze, and remediate internal risks before they cause harm.
Learning objectives
After completing this module, you’ll be able to:
- Describe insider risk management
- Describe communication compliance
- Describe information barriers
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Organizations may need to identify, collect, and/or audit information for legal, regulatory, or business reasons. Learn how the eDiscovery and audit capabilities of Microsoft Purview help organizations find relevant data quickly.
Learning objectives
After completing this module, you’ll be able to:
- Describe the eDiscovery capabilities of Microsoft Purview.
- Describe the auditing capabilities of Microsoft Purview.
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Azure governance capabilities provide mechanisms and processes for organizations to maintain control over their applications and resources. Learn how Azure policy, Blueprints, and Microsoft Purview help organizations govern their resources and applications.
Learning objectives
After completing this module, you’ll be able to:
- Describe Azure Policy.
- Describe Azure Blueprints
- Describe Microsoft Purview
Prerequisites
- General understanding of networking and cloud computing concepts.
- General IT knowledge or any general experience working in an IT environment.
- General understanding of Microsoft Azure and Microsoft 365.
Request More Information
Training Options
- ILT: Instructor-Led Training
- VILT: Virtual Instructor-Led Training
Exam & Certification
Microsoft Certified: Security, Compliance and Identity Fundamentals.
Whether you’re a student, business user, or IT professional, this certification ensures you have a firm grasp of a range of topics in the rapidly growing field of cybersecurity. This fundamentals certification can serve as a steppingstone if you are interested in advancing to role-based certifications in security operations, identity and access management, and information protection.
The Microsoft Certified: Security, Compliance, and Identity Fundamentals certification could be a great fit for you if you’d like to:
- Demonstrate your knowledge of Microsoft Security, Compliance, and Identity (SCI) solutions.
- Highlight your understanding of how Microsoft SCI solutions provide holistic, end-to-end cybersecurity capabilities.
It is recommended to have familiarity with networking and cloud computing concepts, general IT knowledge or any general experience working in an IT environment, general understanding of Microsoft Azure and Microsoft 365.
Training & Certification Guide
This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
This exam measures your ability to describe the following: concepts of security, compliance, and identity; capabilities of Microsoft identity and access management solutions; capabilities of Microsoft security solutions; and capabilities of Microsoft compliance solutions.
Demand for cybersecurity skills is at an all-time high. Discover your Security, Compliance and Identity opportunities with these recommended resources:
- Cybersecurity Awareness Month: Getting Security Certified with Microsoft Learning Partners
- BeCyberSmart with Microsoft: Cybersecurity Awareness Month 2022
- Cybersecurity Awareness Month: How the pandemic has accelerated the digital transformation of cybersecurity
- Cybersecurity Awareness Month – The Importance of Training Your Employees
Frequently Asked Questions
The SC-900: Microsoft Security, Compliance, and Identity Fundamentals certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
Safeguard your people, data, and infrastructure by attending these recommended courses:
SC-200T00: Microsoft Security Operations Analyst
In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Azure Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting.
SC-300T00: Microsoft Identity and Access Administrator
This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies.
SC-400T00: Microsoft Information Protection Administrator
The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies and Office 365 message encryption among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400)
SC-100T00: Microsoft Cybersecurity Architect
This SC-100T00: Microsoft Cybersecurity Architect course prepares students with the background to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications.
Microsoft Certifications are globally recognized and industry-endorsed evidence of mastering real world skills. It shows you demonstrate proficiency in keeping pace with technology. It’s a career move that yields many positive results.
Getting a Microsoft Certification is also a great way to break into the tech industry. A Microsoft Certification immediately confers a level of authority and expertise, especially helpful for someone new to the industry.
The number of questions on a certification exam is subject to change as Microsoft make updates to ensure it aligns with current changes in the technology and job role. Most Microsoft Certification exams typically contain between 40-60 questions; and around 60-140 minutes.
Starting June 30 2021, all newly earned role-based and specialty certifications will be valid for one year from the date the certification was earned.
To stay up to date, IT pros are constantly learning and adding skills. The IDC study concluded that Microsoft Learning Partners such as Trainocate Malaysia which was recently awarded the Microsoft Learning Partner 2023 are well positioned to help organizations achieve their business and learning goals. The IT leaders who were surveyed found the most value from a Learning Partner that provides:
- An end-to-end solution which starts with identifying skill gaps, simplifies the learning experience, and finishes by evaluating how well the Learning Partner met the organization goals.
- Scale, flexibility, and speed to train teams of any size, in any location, amid changing circumstances.
- Value-added services, such as hands-on labs, classroom training, and custom content that help the skills development program succeed.
- High-quality content and delivery, meaning accurate, relevant courseware, top-notch instructors, and a path to certification, if needed.
