Practice Exams:

View All

SC-900: Microsoft Security, Compliance, and Identity Fundamentals

PDFs and exam guides are not so efficient, right? Prepare for your Microsoft examination with our training course. The SC-900 course contains a complete batch of videos that will provide you with profound and thorough knowledge related to Microsoft certification exam. Pass the Microsoft SC-900 test with flying colors.

Rating

4.51

Students

144

Duration

07:06:00 h

$16.49

$14.99

Curriculum for SC-900 Certification Video Course

Course Introduction

1 Lectures

Time 00:04:00

Module 1 Describe the concepts of security, compliance, and identity

15 Lectures

Time 00:45:00

Module 2 Describe the concepts & capabilities of Microsoft identity and access

40 Lectures

Time 02:04:00

Module 3 : Describe the capabilties of Microsoft security solutions

46 Lectures

Time 02:14:00

Module 4 : Describe the capabilities of Microsoft compliance solutions

45 Lectures

Time 01:59:00

Name of Video	Time
1. Course Introduction	4:00

Name of Video	Time
1. Chapter 1 : Security concepts and methodologies - Introduction	1:00
2. Zero Trust - Guidelines	3:00
3. Zero Trust - Six Foundational Pillars	4:00
4. The Shared Responsibility Model	6:00
5. Defence in Depth Strategy	3:00
6. The CIA Triad	6:00
7. Describe Common Threats	6:00
8. Describe Encryption , hashing and Signing -I	4:00
9. Describe Encryption , hashing and Signing - II	4:00
10. Lesson Conclusion	1:00
11. Microsoft security and compliance principles - Lesson Introduction	1:00
12. Microsoft's Privacy Principles	2:00
13. What is Service Trust Portal	2:00
14. Azure Compliance Documentation	1:00
15. Module 1 : Chapter Summary	1:00

Name of Video	Time
1. Describe Identity Concepts - Introduction	1:00
2. Common Identity Attacks	5:00
3. Identity As a Security perimeter	4:00
4. Four Pillars of Identity	6:00
5. Modern Authentication and the role of Identity provider	3:00
6. SSO and the Concept of Federation	4:00
7. The concept of directory services and Active Directory	3:00
8. Describe the basic services and identity types - Introduction	1:00
9. Describe Azure Active Directory	3:00
10. Azure AD Editions	4:00
11. Describe the Azure AD identity types	8:00
12. Difference between System assigned and user assigned managed Identity	3:00
13. Describe the types external identities	5:00
14. Describe the concept of hybrid Identities	4:00
15. Describe the authentication capabilities of Azure - Introduction	1:00
16. Describe the different authentication methods	3:00
17. Security defaults and MFA	4:00
18. MFA in Azure AD - Part 1	2:00
19. MFA in Azure AD - Part 2	3:00
20. Windows Hello	3:00
21. Why is Windows Hello safer than a password	2:00
22. Self-service password reset in Azure AD	5:00
23. Password protection and management capabilities of Azure AD	5:00
24. Protecting against password spray	2:00
25. Hybrid security	2:00
26. Describe the access management capabilties of AzureAD	1:00
27. Conditional access in Azure AD	4:00
28. Conditional access in Azure AD - II	6:00
29. Conditional access in Azure AD - III	3:00
30. Azure AD Roles & Custom Roles	3:00
31. Chapter Summary	1:00
32. Describe the identity protection and governance capabilties of Azure AD	1:00
33. What is Identity Governance	1:00
34. What is Identity lifecycle	4:00
35. Access Lifecycle	2:00
36. Privileged access lifecycle	2:00
37. What is Entitlement management	3:00
38. Azure AD access reviews	3:00
39. Azure AD terms of use	2:00
40. Capabilities of Privileged identity Management	2:00

Name of Video	Time
1. Module Introduction	2:00
2. Network security groups	3:00
3. Inbound and outbound security rules	4:00
4. What is DDOS	3:00
5. Azure DDOS protection plans and pricing	3:00
6. Azure Firewall	4:00
7. Azure Bastion Host	4:00
8. Web Application Firewall	2:00
9. Azure Encryption	3:00
10. Azure Key Vault	2:00
11. Lesson Summary	2:00
12. Cloud Security Posture management	4:00
13. Azure Security Center	4:00
14. Azure Security Center - Features	4:00
15. Azure Security Center - Security Score	2:00
16. Azure defender	6:00
17. Azure Security Benchmark	5:00
18. Azure Security Center - Pricing Tier	1:00
19. Chapter Summary	1:00
20. Describe the security capabilities of Azure Sentinel	2:00
21. Define the concepts of SIEM, SOAR and XDR	6:00
22. Azure Sentinel	2:00
23. Azure Sentinel Features	6:00
24. Azure Sentinel - Pricing	1:00
25. Chapter Summary	1:00
26. Describe the threat protection capabilities of - Introduction	2:00
27. Microsoft 365 Defender services - Introduction	3:00
28. Microsoft Defender for Identity	5:00
29. Microsoft Defender for O365	5:00
30. Microsoft Defender for Endpoint	4:00
31. What is CASB	3:00
32. The Cloud App Security framework	2:00
33. Microsoft Cloud App Security architecture	3:00
34. O365 Cloud App security And Azure AD Cloud App Discovery	1:00
35. Chapter Summary	1:00
36. Security Management Capabilties of M365 - Introduction	2:00
37. Microsoft 365 Security Center - Intro	5:00
38. How to use Microsoft Secure Score	3:00
39. Differences between the Azure and Microsoft Secure Score	1:00
40. Managing Incidents	2:00
41. Chapter Summary	1:00
42. Describe endpoint security with Microsoft Intune - Introduction	1:00
43. What is Intune	2:00
44. MDM and MAM	3:00
45. Endpoint Security with Intune	7:00
46. Lesson Summary	1:00

Name of Video	Time
1. Module 4 introduction	1:00
2. Common Compliance Needs	2:00
3. Common compliance regulations	3:00
4. Compliance Center	2:00
5. What is Compliance Manager	2:00
6. What are Controls	1:00
7. What are Assesments	2:00
8. Understand Compliance score	3:00
9. Chapter Summary	1:00
10. The information protection and governance capabiliities of Microsoft 365	1:00
11. Know your data, protect your data, and govern your data	3:00
12. Data classification capabilities of compliance Center	5:00
13. Content Explorer and Activity Explorer	4:00
14. Sensitivity labels	5:00
15. Label Policies	3:00
16. Data Loss Prevention	3:00
17. Data Loss Prevention on endpoints and teams	2:00
18. Retention Polices and Retention Labels	4:00
19. Records Management	3:00
20. Chapter Summary	1:00
21. The insider risk capabilities in Microsoft - Introduction	1:00
22. Insider Risk management	2:00
23. Insider Risk management Workflow	3:00
24. Communications Compliance	5:00
25. Information barriers in Microsoft Teams	2:00
26. Privileged Access Management	4:00
27. Customer Lockbox	4:00
28. Lesson Summary	1:00
29. eDiscovery capabilities of Microsoft M365 - Introduction	1:00
30. The Purpose of eDiscovery	2:00
31. The capabilities of the content search	5:00
32. The Core eDiscovery Workflow	6:00
33. The advanced eDiscovery workflow	4:00
34. Lesson Summary	1:00
35. The audit capabilities of Microsoft 365- introduction	1:00
36. The core audit capabilities of M365	4:00
37. What are the Advance Auditing Capabilities	5:00
38. High Bandwidth for Office 365 API Activities	2:00
39. Lesson Summary	1:00
40. Describe the resource governance capabilities- introduction	1:00
41. Resource Manager - Locks	2:00
42. What is Azure Blueprints	3:00
43. What is Azure Policy	4:00
44. Difference between Azure Policy and RBAC	2:00
45. Cloud Adoption Framework	2:00

Microsoft Security SC-900 Exam Dumps, Practice Test Questions

100% Latest & Updated Microsoft Security SC-900 Practice Test Questions, Exam Dumps & Verified Answers!
30 Days Free Updates, Instant Download!

$69.97

$49.99

SC-900 Premium Bundle

Premium File: 158 Questions & Answers. Last update: Mar 20, 2023
Training Course: 147 Video Lectures
Study Guide: 413 Pages

Latest Questions
100% Accurate Answers
Fast Exam Updates

SC-900 Premium Bundle

Premium File: 158 Questions & Answers. Last update: Mar 20, 2023
Training Course: 147 Video Lectures
Study Guide: 413 Pages

Latest Questions
100% Accurate Answers
Fast Exam Updates

$69.97

$49.99

Free SC-900 Exam Questions & SC-900 Dumps

File Name	Size	Votes
File Name microsoft.passcertification.sc-900.v2023-02-18.by.lola.57q.vce	Size 490.3 KB	Votes 1
File Name microsoft.examcollection.sc-900.v2021-12-14.by.daris.57q.vce	Size 59.26 KB	Votes 1
File Name microsoft.passcertification.sc-900.v2021-11-02.by.annie.53q.vce	Size 51.8 KB	Votes 1
File Name microsoft.selftestengine.sc-900.v2021-10-01.by.thea.51q.vce	Size 49.03 KB	Votes 1
File Name microsoft.real-exams.sc-900.v2021-08-13.by.anthony.30q.vce	Size 29.82 KB	Votes 1
File Name microsoft.testking.sc-900.v2021-06-08.by.freya.27q.vce	Size 28.37 KB	Votes 1
File Name microsoft.passguide.sc-900.v2021-06-05.by.lucas.16q.vce	Size 28.37 KB	Votes 1

Microsoft SC-900 Training Course

Want verified and proven knowledge for Microsoft Security, Compliance, and Identity Fundamentals? Believe it's easy when you have ExamSnap's Microsoft Security, Compliance, and Identity Fundamentals certification video training course by your side which along with our Microsoft SC-900 Exam Dumps & Practice Test questions provide a complete solution to pass your exam Read More.

Module 2 Describe the concepts & capabilities of Microsoft identity and access

12. Difference between System assigned and user assigned managed Identity

There are two types of managed identities. There is a system assigned and a user assigned. Well, you already know this from the previous lesson, that there is system assigned and there is user assigned. Let's talk about the use cases of this and what the properties of each one of them are. When we think about system-assigned managed identities, they are created when you create a resource, for example, when you create an Azure App service or when you create a virtual machine. At that time, the systemassign managed identity is created. But when it comes to user-assigned managed identity, it has to be created as a standalone. So it is separate from the resource. And that also means that the system's assigned managed identity shares its life cycle with the Azure Resource. So, when the resource is deleted, the managed identity is also deleted. But when it comes to user-assigned managedentities, they have an independent life cycle and must be explicitly maintained or deleted. The system's assigned managed agencies cannot be shared. So you have to associate with a single Azure resource. Once you associate it with, let's say, a virtual machine or an app service, you cannot share it with other resources. And that's not the case with the user-assigned managed guarantees. You can share it with more than one Azure resource.

So, what do you think the most common usecases for system-assigned and user-assigned managed entities will be? Well, workloads that are contained within a single Azure Resource. So that means workloads for which you need independent identities, such as an application that runs on a single virtual machine. And that's when you would use the system's assigned managed entity. Now, when it comes to user-assigned workloads that run on multiple resources and that need to be shared with a single identity, you need a user-assigned managed identity because it can be created explicitly. Now, for workloads that need pre-authorization to access secure resources as part of the provisioning flow, you need a managed entity of user-assigned kind and also for workloads where resources are recycled frequently, but permission should stay consistent. For example, a workload where multiple virtual machines need to access the same resource, right? So that's when you use user-assigned managed identity, so these are the key differences between system-assigned and user assigned. Keep in mind that system assignment is tied to that resource in the Azure subscription. When the resource is deleted, the system's assigned identity also gets deleted. And that's by design. When it comes to user-assigned identities, you need to explicitly create them and assign them to the resource. All right, so that brings to an end our discussion of the comparison between system assigned and user assigned. Let's go ahead and talk about different types of external identities in the next lesson. Thanks for watching so far. I'll see you in the next lesson.

13. Describe the types external identities

Today's world is about collaboration. It's about working with people both inside and outside your organization. And that means that you sometimes need to provide access to your organization's applications or data to external users. Azure Active Directory ExternalIdentities is a feature. It's a set of capabilities that enables organisations to allow access to external users. It could be your customers or partners, or your customers, partners, or consultants, and other guests can bring their own identities. And why would they bring their own identities? Well, they would bring their own user ID and credentials to access your resources and your subscription. Now, this ability for external users to use their own identities to sign in is enabled through Azure Active Directory support of external identity providers. It supports Azure Active Directory tenants.

Of course, then it also supports third-party identity providers like Facebook, Google, or other enterprise identity providers. Admins can set up federation with identity providers so your external users can sign in with their existing social accounts or enterprise accounts instead of creating a new account just to access the application. Now, there are two different Azure identities. It's called "B to B" or "B to C." The B2B collaboration allows you to share your applications and resources with external users. It could be your external customers, vendors, consultants, et cetera. BTC is an identity management solution for consumers or your customer-facing applications. Let me explain each one of them in detail, one by one, starting with the B2B collaboration. Like I said, B2B collaboration allows you to share your organizations, applications, and services with guest users from other organizations. That way, they will be able to maintain control over their own data. The B2B collaboration uses an invite-based process. So from the Azure Portal, you have to invite the individual where the external user or invited person has to accept the invite. Thereafter, they will be able to access the resources in your organisation with their own set of credentials. The developers can customise the invitation and the redemption process using AzureActive Directory Business to Business APIs. With BTB collaboration, external users are managed in the same directory as the employees of the organization, but they are typically called guest users.

These guest users can be managed in the same way as the employees of your tenant. So that means they can be added to the groups. You can apply for policies. So, B to B is supported by multiple applications that are hosted on your Azure Active Directory. Now, when it comes to B and C, b to Cis, a customer identity access management solution also called CIAM. So Azure ads B to C will allow external users to sign in with their preferred, let's say, social accounts or enterprise accounts. And thereby, you'll be getting a single sign on to the application. Azure ADB to C will now support millions of users and billions of authentications per day. So it handles scaling, authentication platform security, monitoring, and dealing with various types of attacks or threats, such as denial of service, password spray attacks, or brute force attacks, correct? So when you think about Azure B to C, external users are managed in Azure ADB to see Directory, which is separate from the organizations' employees and partners. Directory. Now, with Azure ADB to CSSO to the customer-ownedapplications within Azure, ADB to See Tenant is supported. So you've got a lot of benefits going on here. So BTC is a type of authentication solution that you can brand and customise so that it blends in with your web and mobile applications. Finally, let's talk about the pricing for this Azure Active Directory. External latencies are a feature of premium POne and P2 Azure ad additions. The pricing is monthly for the active user talking about different kinds of identities, B to C, B to B. We also need to talk about the concept of hybrid identities. Let's get started with that in the next lesson. Thanks for watching.

14. Describe the concept of hybrid Identities

The concept of hybrid identities If you're thinking that a hybrid identity is a user account or a group that exists on your premise and somehow also exists in Azure Active Directory, then you're fully correct. Organizations will be using the hybrid identity model or also the Cloud Identity model in order to serve applications both on-premise and in the cloud. In the hybrid model, identities are created on Windows Active Directory on your premise, or they could also be on any other identity provider. And then these identities are synchronised with Azure Active Directory. In the cloud model, only identities are created and wholly managed in Azure Active Directory. Now, whether identities are created on premises or in the cloud, users can access cloud and on premise resources.

And that's the beauty of this. With the hybrid model, users accessing both on-premises and cloud-based applications are hybrid users. They are managed in an on-premise active directory. So when you make an update on your premise, for example, you change the telephone number, or you change the organization or department of the user group or contacts, They are then synchronized to Azure Active Directory. The synchronization is managed with a tool called "Your ad Connect." When using this kind of hybrid model, authentication can be done by Azure Active Directory, which is known as Managed Authentication, or Azure Active Directory redirects the client requesting authentication to another identity provider, which is known as Federated Authentication. Now, we are talking about three authentication methods that are possible with this kind of setup. Let's talk about that.

There is password hash synchronization pass-through authentication, also called PTA, and there is federated authentication. And these three are kind of important from the understandability perspective. As a result, password hash synchronization is the most straightforward method of enabling authentication for on-premise directory objects. Users can use the same set of credentials that they always used on premises without requiring any kind of additional infrastructure. So, passwords have a synchronisation is type of managed authentication. That means Microsoft will take care of authentication for your user accounts, whether that is passed through authentication or PTA. Now this provides a simple password validation for Azure Active Directory authentication services by using a software agent that runs on one or maybe multiple on-premise servers. Now, these servers validate the users directly with an on-premise Active Directory, which means that the password validation just doesn't happen only in the Cloud, right? PTA is thus a type of federated managed authentication. Now, Azure Active Directory hands off the authentication process to a separate trusted authentication system, what's called Azure Active Directory Federation Services (ADFS). And then ADFS will validate the user's password. So, what's the major difference in terms of password synchronization? Authentication is done by Azure Active Directory. In the event of a pass through authentication, it does not happen in the cloud, but on premises. In the case of federated authentication, the authentication is handed off to ADFS Systems.

15. Describe the authentication capabilities of Azure – Introduction

We are here on the next page of this module, which is called the authentication capabilities of Azure Active Directory. Before we start ahead with this chapter and deep dive into the concepts, let's understand what you're going to learn here. In this lesson, you'll learn about the authentication capabilities of Azure Active Directory and also the various password protection and management capabilities of Azure Ad. You already know by now that authentication is the process of verifying an identity to be legitimate, and passwords are commonly used to authenticate users. But they have problems. Passwords are difficult to remember and easy for hackers to guess, because good passwords aren't necessarily difficult to remember. And users often use the same password for multiple applications, providing multiple points of entry for a compromised identity. We'll learn about multifactor authentication to protect that. We'll also see how it will improve your security. You'll also learn about the password protection and management capabilities of Azure Active Directory. So, without any further delay, let's get started.

16. Describe the different authentication methods

Legacy applications have relied on a single form of authentication, mostly passwords. However, passwords are problematic for users. They are easily compromised. Multi-factor authentication will require more than one form of verification to prove that an identity is legitimate. So you could be using an atypical device or a finger scan. That means that even when an identity password has been compromised, the hacker, the attacker, cannot gain entry to the resource. Multi-factor authentication dramatically improves the security of an identity. And moreover, it is simple for users. The additional authentication factor must be something that is difficult for an attacker to obtain or even duplicate. We have a new standard in sign i.e. would also like to mention that we now have a new standard in what's called password less authentication. But then let's take a step back and continue our discussion on multi-factor authentication. So what is MFA all about?

So we've got three of these Something you understand, something you possess, and something you are. So something you know is typically a password or a pin. Something you have is a device, a trusted device that cannot be easily duplicated, like an phone, hardware, or a key. And something you are, which is something that you are not cloned or duplicated. Your attributes, like fingerprints or facial recognition, are part of biometrics, which falls into the category of something you are. The multi-factor authentication verification prompts are configured to be part of Azure ad signing events. As a result, Azure Active Directory requests and processes multifactor authentication without requiring any changes to your app or services. So when a user signs in, they receive a multi-factor authentication prompt and you can choose from one of the additional verification forms when they have registered. What the admin has to do is ensure that the user chooses the verification methods or that the user can access their My account section to add verification methods or even edit verification methods. So what could be those verification methods? A multifactor authentication app, SMS, voice call, or even an OAuth hardware token can be used by the user. We can leave it to the user completely and let them choose what kind of verification option they want to use.

Prepared by Top Experts, the top IT Trainers ensure that when it comes to your IT exam prep and you can count on ExamSnap Microsoft Security, Compliance, and Identity Fundamentals certification video training course that goes in line with the corresponding Microsoft SC-900 exam dumps, study guide, and practice test questions & answers.

Comments (0)

Add Comment

Please post your comments about SC-900 Exams. Don't share your email address asking for SC-900 braindumps or SC-900 exam pdf files.