Microsoft Security, Compliance & Identity Fundamentals
Demonstrate foundational level knowledge on security, compliance, and identity concepts and related Microsoft cloud solutions.
Step-by-Step Roadmap
Estimated total: 3 to 4 weeks
Security, Compliance and Identity Concepts
Learn the foundational principles: Zero Trust, shared responsibility, and identity as the new perimeter.
What to Learn
- Zero Trust model (verify explicitly, least privilege, assume breach)
- Shared responsibility model (cloud vs on-prem)
- Defence in depth (layered security)
- Encryption (at rest and in transit)
- Authentication vs authorisation
Resources
- Microsoft Learn: SC-900 learning path (free, official)
- Microsoft Zero Trust documentation
Zero Trust is the most important concept in this exam. Memorise its three principles: verify explicitly, use least privilege access, and assume breach. Almost every security scenario question connects back to these principles.
Microsoft Entra ID and Identity
Understand Microsoft Entra ID (formerly Azure AD), authentication methods, and identity protection.
What to Learn
- Microsoft Entra ID (cloud identity service)
- MFA and passwordless authentication
- Conditional Access policies
- Identity Protection (risk-based policies)
- Privileged Identity Management (PIM)
- External identities (B2B, B2C)
Resources
- Microsoft Learn: Entra ID fundamentals
- Microsoft Entra admin centre (free exploration)
Know the difference between authentication (who are you?) and authorisation (what can you do?). Entra ID handles authentication. Azure RBAC handles authorisation. Conditional Access combines both: it checks who you are before granting access.
Azure Security Solutions
Learn Microsoft Defender products, Microsoft Sentinel, and network security.
What to Learn
- Microsoft Defender for Cloud
- Microsoft Defender for Endpoint
- Microsoft Sentinel (SIEM and SOAR)
- Azure Firewall and DDoS Protection
- Network Security Groups
- Microsoft Secure Score
Resources
- Microsoft Learn: Azure security solutions
- Microsoft Defender for Cloud documentation
Know what SIEM and SOAR mean. Microsoft Sentinel is both: it collects security data (SIEM) and automates responses (SOAR). Defender for Cloud shows your overall security posture with a Secure Score.
Compliance and Privacy
Understand Microsoft Purview, compliance tools, and data governance.
What to Learn
- Microsoft Purview compliance portal
- Sensitivity labels and data classification
- Data Loss Prevention (DLP) policies
- Microsoft Priva (privacy management)
- Compliance Manager and compliance score
- Insider Risk Management
Resources
- Microsoft Learn: Microsoft Purview and compliance
- Microsoft Trust Center documentation
Microsoft Purview is the unified brand for compliance and governance tools. Link each tool to a business problem: DLP = stop accidental data sharing, Sensitivity Labels = classify and protect files, Compliance Manager = track regulatory requirements.
Practice Tests and Exam Booking
Take practice exams, review gaps, and schedule your exam.
What to Learn
- SC-900 scenario questions
- Identity vs security vs compliance distinctions
- Service matching: which tool for which threat?
- Zero Trust application questions
Resources
- PathCert SC-900 practice quiz (free)
- MeasureUp SC-900
- Whizlabs SC-900
The exam is organised into three domains: identity (Entra ID), security (Defender, Sentinel), and compliance (Purview). If you can map every product to one of these three buckets and explain why, you will pass comfortably.