Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900: Familiarize yourself with security, identity, and compliance in Microsoft 365 and Azure
- Length: 404 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-05-26
- ISBN-10: 1801815992
- ISBN-13: 9781801815994
- Sales Rank: #451479 (See Top 100 Books)
Understand the fundamentals of security, compliance, and identity solutions across Microsoft Azure, Microsoft 365, and related cloud-based Microsoft services
Key Features
- Grasp Azure AD services and identity principles, secure authentication, and access management
- Understand threat protection with Microsoft 365 Defender and Microsoft Defender for Cloud security management
- Learn about security capabilities in Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Intune
Book Description
Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure.
This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You’ll then advance to compliance center, information protection, and governance in Microsoft 365. You’ll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft’s compliance monitoring capabilities.
By the end of the book, you’ll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.
What you will learn
- Become well-versed with security, compliance, and identity principles
- Explore the authentication, access control, and identity management capabilities of Azure Active Directory
- Understand the identity protection and governance aspects of Azure and Microsoft 365
- Get to grips with the basic security capabilities for networks, VMs, and data
- Discover security management through Microsoft Defender for Cloud
- Work with Microsoft Sentinel and Microsoft 365 Defender
- Deal with compliance, governance, and risk in Microsoft 365 and Azure
Who this book is for
This book is for cloud security engineers, Microsoft 365 administrators, Azure administrators, and anyone in between who wants to get up to speed with the security, compliance, and identity fundamentals to achieve the SC-900 certification. A basic understanding of the fundamental services within Microsoft 365 and Azure will be helpful but not essential.
Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 Foreword Contributors About the author About the reviewers Preface Who this book is for What this book covers To get the most out of this book Download the color images Conventions used Get in touch Share Your Thoughts Section 1: Exam Overview Chapter 1: Preparing for Your Microsoft Exam Technical requirements Preparing for the Microsoft exam Resources to prepare for the exam Access to a subscription Where to take the exam Exam format Resources available and accessing Microsoft Learn Accessing Microsoft Learn Finding content on Microsoft Learn Exam pages on Microsoft Learn Creating a Microsoft 365 trial subscription Office 365 or Microsoft 365 trial subscription Enterprise Mobility + Security subscription Free month of Azure services Exam objectives Who should take the SC-900 exam? Summary Section 2: The Key Concepts of Security, Compliance, and Identity Chapter 2: Describing Security Methodologies Describing and using a defense-in-depth security strategy Understanding the cyber-attack kill chain Building a defense-in-depth security posture Understanding a shared responsibility in cloud security Evolution to the cloud and cloud services Shared responsibility comparison Using and implementing the principles of the zero-trust methodology Signal Decision Enforcement Summary Chapter 3: Understanding Key Security Concepts Describing common threats What is a threat? Internal threats External threats Threat analysis Describing encryption What is encryption? Summary Chapter 4: Key Microsoft Security and Compliance Principles Microsoft's privacy principles Control Transparency Security Strong legal protections No content-based targeted marketing Benefits to you Service Trust Portal offerings Compliance manager The Trust Documents tab Industries and regions The Trust Center tab The Resources tab The My Library tab Summary Section 3: The Microsoft Identity Management Solutions Chapter 5: Defining Identity Principles/Concepts and the Identity Services within Azure AD Defining identity as the security perimeter Defining identity and access management Principle of least privilege Defining authentication and authorization Describing identity providers, Azure Active Directory, and federated services Identity providers Azure AD Federated services Configuring identity providers Google configuration Facebook configuration Defining common identity attacks Summary Chapter 6: Describing the Authentication and Access Management Capabilities of Azure AD Technical requirements Describing Azure AD Describing the types of identities in Azure AD Describing how hybrid identity works within Azure AD Hybrid identity Azure AD Windows Active Directory Azure AD Connect Describing how external users and groups are used in Azure AD B2B B2C Configuring external collaboration settings Describing the different ways to protect identity in Azure AD What is MFA? How does Azure AD MFA work? Which licenses include Azure AD MFA? Azure authentication methods Configuring Azure AD MFA Enabling users for Azure AD MFA Configuring and deploying SSPR Modern authentication Windows Hello Deploying and managing password protection Planning and implementing security defaults Summary Chapter 7: Describing the Identity Protection and Governance Capabilities of Azure AD Technical requirements Describing Identity Governance Describing entitlement and access reviews Catalogs Access packages Access reviews Describing the capabilities of PIM Describing Azure AD Identity Protection and Conditional Access policies Zero-trust methodology Conditional Access policies Azure AD Identity Protection Summary Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure Chapter 8: Describing Basic Security Services and Management Capabilities in Azure Technical requirements Network segmentation Describe Azure Network Security Groups Describe Azure DDoS protection Describe Azure Firewall and Web Application Firewall Describe secure remote management of virtual machines Describe Azure data encryption Summary Chapter 9: Describing Security Management and Capabilities of Azure Technical requirements Describing Cloud Security Posture Management (CSPM) Describing the enhanced security features for Microsoft Defender for Cloud Describing security baselines for Azure Summary Chapter 10: Describing Threat Protection with Microsoft 365 Defender Technical requirements Describing the XDR and Microsoft 365 Defender services The components of Microsoft 365 Defender Describing Microsoft Defender for Office 365 Describing Microsoft Defender for Cloud Apps Discovered app scoring Sanctioning and un-sanctioning apps Describing Microsoft Defender for Identity Describing Microsoft Defender for Endpoint Summary Chapter 11: Describing the Security Capabilities of Microsoft Sentinel Technical requirements Define the concepts of SIEM, SOAR, and XDR Describe how Microsoft Sentinel provides integrated threat management Setting up Microsoft Sentinel and connecting log data Describe Microsoft Sentinel in a modern SOC Daily tasks Weekly tasks Monthly tasks Summary Chapter 12: Describing Security Management and the Endpoint Security Capabilities of Microsoft 365 Technical requirements Describe the Microsoft 365 Defender portal Describe the use of Microsoft Secure Score Describe the security reports and dashboards Describe incidents and incident management capabilities Describe endpoint security with Microsoft Intune Summary Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure Chapter 13: Compliance Management Capabilities in Microsoft Technical requirements Describe the compliance center Describing Compliance Manager Describe the use and benefits of the compliance score Summary Chapter 14: Describing Information Protection and Governance Capabilities of Microsoft 365 Technical requirements Describe data classification capabilities Describe sensitivity labels Describe data loss prevention Describe records management Describe retention policies and retention labels Summary Chapter 15: Describing Insider Risk, eDiscovery, and Audit Capabilities in Microsoft 365 Technical requirements The insider risk management solution Insider risk management Communication compliance Information barriers and Customer Lockbox Information barriers Customer Lockbox The Core eDiscovery workflow Core eDiscovery Advanced eDiscovery The core audit capabilities of Microsoft 365 Summary Chapter 16: Describing Resource Governance Capabilities in Azure Technical requirements Azure Policy and its use cases Azure Blueprints Azure Purview Summary Chapter 17: Final Assessment/ Mock Exam Questions Answers Summary Why subscribe? Other Books You May Enjoy Packt is searching for authors like you Share Your Thoughts
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900: Familiarize yourself with security, identity, and compliance in Microsoft 365 and Azure
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.