SC-900 Microsoft

Security,
Compliance, and
Identity
Fundamentals
Identité et gestion
des accès

https://aka.ms/sc900academy
 Agenda
 Save the date
 Azure Active Directory
 Identités hybrides
 Authentification
 Gestion des accès
 Gouvernance et protection des identités
 Ressources

https://aka.ms/sc900academy
 Save the date
Date  Thème

23 janvier 2023 (12h00)  Concepts

25 janvier 2023 (12h00)  Identité et gestion des accès
27 janvier 2023 (12h00)
Cliquez ici pour participer à la réunion  Solutions de sécurité Microsoft 365
30 janvier 2023 (12h00)
Cliquez ici pour participer à la réunion  Solutions de sécurité Azure
1er février 2023 (12h00)
Cliquez ici pour participer à la réunion  Solutions de conformité
3 février 2023 (12h00)
Cliquez ici pour participer à la réunion  Dry Run et Q&A

https://aka.ms/sc900academy
Introduction
Overview of Microsoft Certified: Get started at
Security, Compliance, and Identity Fundamentals aka.ms/SecurityCerts_Fundamentals

Exam details Certification

Who is this
certification for? Products featured
SC-900: Pass certification exam SC-900
This certification is targeted to those Microsoft Security, Compliance, and Ident to earn this certification • Azure Active Directory
ity Fundamentals
looking to familiarize themselves with • Azure Sentinel
the fundamentals of security, Skills measured: • Azure Secure Score
compliance, and identity (SCI) across • Concepts of Security, Compliance, and Identity • Microsoft 365 Defender
cloud-based and related Microsoft
• Capabilities of Microsoft Identity and Access • Microsoft Security Score
services. This is a broad audience that Management Solutions
Microsoft Certified: • Microsoft Compliance
may include business stakeholders, new • Capabilities of Microsoft Security Solutions Security, Compliance, and Identity Fund Manager
or existing IT professionals, or students amentals
• Capabilities of Microsoft Compliance Solutions • Microsoft Intune
who have an interest in Microsoft
• And more…
security, compliance, and identity Knowledge and experience:
solutions. Candidates should be familiar with Microsoft Azure
and Microsoft 365 and understand how Microsoft
security, compliance, and identity solutions can
span across these solution areas to provide a
holistic and end-to-end solution.

© 2021 Microsoft Corporation. All rights reserved.

 Find a Learning Partner
The journey to Microsoft Certified:
Get started at
Security, Compliance, and Identity Fundamentals aka.ms/SecurityCerts_Fundamentals

Start here
Decide if this is the right Upskill with recommended Pass required exam to
certification for you training and experience earn your certification

This certification is targeted to those Skills outline guide Exam SC-900

looking to familiarize themselves with the Microsoft
• SC-900
fundamentals of security, compliance, and Security, Compliance, and Identity F
identity (SCI) across cloud-based and undamentals
related Microsoft services.

Self-paced online learning Microsoft Certified:

Microsoft Learn Security, Compliance, and Identity
Fundamentals

Additional resources
• Microsoft Docs

First, make sure your skills are up to date.

Need to update your skills in

security, compliance, and identity?
Security, Compliance, and Identit
y Fundamentals
training on Microsoft Learn.

© 2021 Microsoft Corporation. All rights reserved.

 Find a Learning Partner
Learning path for Microsoft Certified:

Security, Compliance, and Identity Fundamentals

This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. This is a
broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.

Describe the concepts of security, Describe the capabilities of Exam SC-900

compliance, and identity Microsoft security solutions
Microsoft Security, Compliance,
2 modules 6 modules and Identity Fundamentals
Pass certification exam
Self-paced online SC-900 to earn this
training on certification
Microsoft Learn Describe the capabilities of M Describe the capabilities of Mic
icrosoft Identity and access m rosoft compliance solutions
anagement solutions Microsoft Certified:
6 modules
5 modules Security, Compliance, and Id
entity Fundamentals

© 2021 Microsoft Corporation. All rights reserved.

 Find a Learning Partner
L’examen SC-900
 Microsoft Security, Compliance, and Identity Fundamentals
 60 minutes, ~50 questions très générales

 Sujets :
 Describe the concepts of security, compliance, and identity (10-15%)
 Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft
Entra (25-30%)
 Describe the capabilities of Microsoft security solutions (25-30%)
 Describe the capabilities of Microsoft compliance solutions (25-30%)
 Describe the capabilities of Microsoft Identity and
Access Management Solutions (25-30%)

 Describe the basic identity services and identity types of Azure AD

 Describe the authentication capabilities of Azure AD
 Describe access management capabilities of Azure AD
 Describe the identity protection & governance capabilities of Azure AD

Learning path: https://docs.microsoft.com/en-us/learn/paths/describe-capabilities-of-microsoft-identity-access/

 Azure Active Directory
Protect your users, apps, workloads, and devices.

Microsoft Entra Permissions Management

One unified model to manage permissions
Secure access for a of any identity across any cloud.
connected world.

Verified ID
Enable more secure interactions while respecting
privacy with an industry-leading global platform.
Basic Identity Services and Identity Types
Azure Active Directory
 Licensing
 Azure AD Free
 Azure AD for Office 365 Apps
 Azure AD Premium P1
 Azure AD Premium P2
Azure AD identity types
 User
 A representation of something that's managed by Azure AD

 Service Principal
 A security identity used by applications or services to access specific Azure resources

 Managed Identity
 Manage the credentials for authenticating a cloud application with an Azure service
 System-assigned
 User-assigned

 Device
 Azure AD registered
 Azure AD joined
 Hybrid Azure AD joined
External Identities
 Guests
 B2B
 B2C
Hybrid identities
 Synchronization
 Authentication
 Password hash synchronization (PHS)
 Pass-through authentication (PTA)
 Federated authentication (ADFS,…)
Knowledge check
Authentication capabilities
Multifactor Authentication
 MFA
 Something you know
 Something you have
 Something you are
Security Defaults
 Goal
 Ensure that all organizations have a basic level of security enabled at no extra cost

 Policies
 Requiring all users to register for Azure AD Multi-Factor Authentication.
 Requiring administrators to perform multi-factor authentication.
 Blocking legacy authentication protocols.
 Requiring users to perform multi-factor authentication when necessary.
 Protecting privileged activities like access to the Azure portal.

 Conditional Access or Security Defaults

Self-service password reset (SSPR)
 Allows users to change or reset their password, without administrator
or help desk involvement.
 Password change
 Password reset
 Account unlock

 User
 Assigned an Azure AD license
 Enabled for SSPR
 Registered, with the authentication methods they want to use

 Authentication methods
 Mobile app notification, Mobile app code, Email, Mobile phone, Office phone, Security
questions
Password protection
 Goal
 Reduce the risk of users setting weak passwords

 Global banned password list

 Custom banned password lists
 Hybrid
 On-premises Active Directory
Knowledge check
Access Management Capabilities
Conditional Access
 Conditional Access policies are enforced after first-factor
authentication is completed
Azure AD role-based access control
 Built-in roles
 Global Administrator
 User Administrator
 Security Administrator
 …

 Custom Roles
 RBAC
 Principle of least privilege
Knowledge check
Identity Protection and Governance Capabilities
Identity governance
 Azure AD Identity Governance
• Govern the identity lifecycle.
• Govern access lifecycle.
• Secure privileged access for administration
Entitlement management
 Goal :
 Identity governance, automate access, request workflows, access assignments, reviews, and
expiration.
 Azure AD Premium P2
 Access Reviews
 Term of Use
Privileged identity Management
 Goal
 Provide Privileged Access only when needed
Identity Protection
 Goal
 Automate the detection and remediation of identity-based risks

 User Risk
 Sign-in Risk
Knowledge check
Ressources
Les ressources

Acronyms: https://aka.ms/MSAcronyms

Virtual Instructor Trainings :

https://partner.microsoft.com/en-us/training/assets/collection/microsoft-security-compliance-and-identity-funda
mentals-sc-900#/

John Savill SC-900 Study Cram : https://www.youtube.com/watch?v=Bz-8jM3jg-8

Inscription à l’examen : https://learn.microsoft.com/en-us/certifications/exams/sc-900/

https://aka.ms/sc900academy