Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals
Proctored fundamentals exam that may include interactive components.
- Type
- Written
- Duration
- 45 min
Exam sections
Describe the concepts of security, compliance, and identity
Covers foundational principles such as the shared responsibility model, defense-in-depth, and Zero Trust. It explores core concepts of encryption, hashing, and governance, as well as identity fundamentals like authentication, authorization, and identity providers.
Question notes
May include interactive components. The section accounts for approximately 10-15% of the exam.
Preparation tips
Take the free Practice Assessment and use the Exam Sandbox to experience the interface.
Describe the capabilities of Microsoft Entra
Focuses on Microsoft Entra identity types, hybrid identity, and authentication methods like MFA. Includes access management via Conditional Access and RBAC, along with identity governance tools like PIM and access reviews.
Question notes
Covers Microsoft Entra ID (formerly Azure AD). Typically 25-30% of exam content.
Preparation tips
Review Microsoft Entra identity types and authentication capabilities in the official documentation.
Describe the capabilities of Microsoft security solutions
Details Microsoft’s security ecosystem, including Azure network security (DDoS, Firewall, WAF), management via Microsoft Defender for Cloud, SIEM/SOAR in Microsoft Sentinel, and integrated threat protection through Microsoft Defender XDR.
Question notes
Covers Azure security services and Microsoft Defender XDR. Represents 35-40% of the exam.
Preparation tips
Explore Microsoft Sentinel and the various Microsoft Defender products (Endpoint, Office 365, etc.).
Describe the capabilities of Microsoft compliance solutions
Examines compliance tools like Service Trust Portal and Microsoft Purview. Covers information protection, data loss prevention, Compliance Manager, insider risk management, eDiscovery, and audit reporting.
Question notes
Focuses on Microsoft Purview and Service Trust Portal. Makes up 20-25% of the exam.
Preparation tips
Understand the use of the compliance score and Microsoft Purview information protection labels.
