Exam SC-900: Security, Compliance & Identity Fundamentals

Based on the SC-900 exam updates from April 2021, let's break down the key points and concepts you need to understand for each module within Parts 3 and 4 of the Microsoft Certified: Azure Fundamentals exam guide, which covers the capabilities of Microsoft security solutions and compliance solutions.

PART 3: Describe the capabilities of Microsoft security solutions

MODULE 1 - Basic security capabilities in Azure

• Network Security: Understand Network Security Groups (NSGs), Azure Firewall, and Azure DDoS Protection to secure your network infrastructure.
• Encryption: Learn about different methods of encryption for data protection both at rest and in transit within Azure services.

MODULE 2 - Security management capabilities of Azure

• Azure Security Center: Understand its role in enhancing the security posture of your organization, including the Azure secure score and compliance readiness.
• Azure Defender: Learn how it protects various resources like storage accounts, SQL databases, etc., and understand the concept of Cloud Security Posture Management (CSPM).
• Security baseline: Know the importance of security baselines in Azure for maintaining best practices.

MODULE 3 - Describe security capabilities of Azure Sentinel

• Azure Sentinel provides a unified solution for:
  • Alert detection
  • Threat visibility and analysis
  • Proactive hunting
  • Threat response
• Understand the licensing model for Azure Sentinel.

MODULE 4 - Describe threat protection with Microsoft 365 Defender

• Microsoft Defender for Office 365: Learn how it protects against threats targeting your emails, documents, and collaboration tools.
• Microsoft Defender for Endpoint: Understand its role in protecting devices from advanced threats.
• Microsoft Defender for Identity: Know its capabilities to detect and respond to potential or actual breaches.

PART 4: Describe the capabilities of Microsoft compliance solutions

MODULE 1 - Information protection and governance capabilities of Microsoft 365

• Data classification: Learn how to classify data within Microsoft 365 to ensure proper handling and protection.
• Records management: Understand how to manage records effectively, ensuring they are preserved and accessible when needed.
• Data loss prevention (DLP): Know how DLP policies help in protecting sensitive information from being leaked or mishandled.

MODULE 2 - Insider risk capabilities in Microsoft 365

• Insider Risk Management: Learn about monitoring user activities and detecting risky behavior.
• Communication compliance: Understand the management of communication data to ensure compliance with regulatory requirements.
• Information barriers: Know how these can be set up to prevent conflicts of interest within an organization.
• Privileged Access Management (PAM): Understand the importance of controlling access to sensitive systems and data.

MODULE 3 - E-Discovery capabilities of Microsoft 365

• Core audit capabilities: Learn about the basic auditing features in Microsoft 365, such as activity reporting and user and group activity tracking.
• Advanced Auditing: Understand the advanced auditing capabilities that allow for more detailed insights into user activities and system events.

MODULE 4 - Resource governance capabilities in Azure

• Azure Policy: Know how it helps enforce organizational standards and assess compliance at scale.
• Cloud Adoption Framework (CAF): Understand the CAF as a guide to help you adopt cloud services securely, efficiently, and effectively.

MODULE 5 - Audit capabilities in Microsoft 365

• Audit Logs: Learn how to use audit logs to track activities performed by users and administrators within Microsoft 365.
• Security, Compliance Center: Understand the role of this center in managing and monitoring compliance and security across Microsoft 365 services.
• Advanced auditing features: Know how these provide deeper insights into user and admin activities, helping to detect and respond to security incidents.

MODULE 6 - Cloud Security Posture Management (CSPM) in Azure

• Learn about the capabilities of CSPM solutions in Azure, which help in identifying and remediating security and compliance risks across cloud infrastructure.

Remember that the SC-900 exam not only tests your knowledge of these concepts but also your understanding of how they integrate within Microsoft's broader ecosystem of security and compliance tools. Keep an eye on official resources like Microsoft Docs and the SC-900 exam page for any further updates or changes to the exam content.