Book Image

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By : Dwayne Natwick

Book Image

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By: Dwayne Natwick

Overview of this book

Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure. This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You'll then advance to compliance center, information protection, and governance in Microsoft 365. You'll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft's compliance monitoring capabilities. By the end of the book, you'll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Section 1: Exam Overview

Section 1: Exam Overview

Free Chapter

Chapter 1: Preparing for Your Microsoft Exam

Chapter 1: Preparing for Your Microsoft Exam

Technical requirements

Preparing for the Microsoft exam

Resources available and accessing Microsoft Learn

Creating a Microsoft 365 trial subscription

Exam objectives

Who should take the SC-900 exam?

Section 2: The Key Concepts of Security, Compliance, and Identity

Section 2: The Key Concepts of Security, Compliance, and Identity

Chapter 2: Describing Security Methodologies

Chapter 2: Describing Security Methodologies

Describing and using a defense-in-depth security strategy

Understanding a shared responsibility in cloud security

Using and implementing the principles of the zero-trust methodology

Chapter 3: Understanding Key Security Concepts

Chapter 3: Understanding Key Security Concepts

Describing common threats

Describing encryption

Chapter 4: Key Microsoft Security and Compliance Principles

Chapter 4: Key Microsoft Security and Compliance Principles

Microsoft's privacy principles

Service Trust Portal offerings

Section 3: The Microsoft Identity Management Solutions

Section 3: The Microsoft Identity Management Solutions

Chapter 5: Defining Identity Principles/Concepts and the Identity Services within Azure AD

Chapter 5: Defining Identity Principles/Concepts and the Identity Services within Azure AD

Defining identity as the security perimeter

Defining authentication and authorization

Describing identity providers, Azure Active Directory, and federated services

Defining common identity attacks

Chapter 6: Describing the Authentication and Access Management Capabilities of Azure AD

Chapter 6: Describing the Authentication and Access Management Capabilities of Azure AD

Technical requirements

Describing Azure AD

Describing the types of identities in Azure AD

Describing how hybrid identity works within Azure AD

Describing how external users and groups are used in Azure AD

Describing the different ways to protect identity in Azure AD

Planning and implementing security defaults

Chapter 7: Describing the Identity Protection and Governance Capabilities of Azure AD

Chapter 7: Describing the Identity Protection and Governance Capabilities of Azure AD

Technical requirements

Describing Identity Governance

Describing entitlement and access reviews

Describing the capabilities of PIM

Describing Azure AD Identity Protection and Conditional Access policies

Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure

Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure

Chapter 8: Describing Basic Security Services and Management Capabilities in Azure

Chapter 8: Describing Basic Security Services and Management Capabilities in Azure

Technical requirements

Network segmentation

Describe Azure Network Security Groups

Describe Azure DDoS protection

Describe Azure Firewall and Web Application Firewall

Describe secure remote management of virtual machines

Describe Azure data encryption

Chapter 9: Describing Security Management and Capabilities of Azure

Chapter 9: Describing Security Management and Capabilities of Azure

Technical requirements

Describing Cloud Security Posture Management (CSPM)

Describing the enhanced security features for Microsoft Defender for Cloud

Describing security baselines for Azure

Chapter 10: Describing Threat Protection with Microsoft 365 Defender

Chapter 10: Describing Threat Protection with Microsoft 365 Defender

Technical requirements

Describing the XDR and Microsoft 365 Defender services

Describing Microsoft Defender for Office 365

Describing Microsoft Defender for Cloud Apps

Describing Microsoft Defender for Identity

Describing Microsoft Defender for Endpoint

Chapter 11: Describing the Security Capabilities of Microsoft Sentinel

Chapter 11: Describing the Security Capabilities of Microsoft Sentinel

Technical requirements

Define the concepts of SIEM, SOAR, and XDR

Describe how Microsoft Sentinel provides integrated threat management

Describe Microsoft Sentinel in a modern SOC

Chapter 12: Describing Security Management and the Endpoint Security Capabilities of Microsoft 365

Chapter 12: Describing Security Management and the Endpoint Security Capabilities of Microsoft 365

Technical requirements

Describe the Microsoft 365 Defender portal

Describe the use of Microsoft Secure Score

Describe the security reports and dashboards

Describe incidents and incident management capabilities

Describe endpoint security with Microsoft Intune

Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure

Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure

Chapter 13: Compliance Management Capabilities in Microsoft

Chapter 13: Compliance Management Capabilities in Microsoft

Technical requirements

Describe the compliance center

Describing Compliance Manager

Describe the use and benefits of the compliance score

Chapter 14: Describing Information Protection and Governance Capabilities of Microsoft 365

Chapter 14: Describing Information Protection and Governance Capabilities of Microsoft 365

Technical requirements

Describe data classification capabilities

Describe sensitivity labels

Describe data loss prevention

Describe records management

Describe retention policies and retention labels

Chapter 15: Describing Insider Risk, eDiscovery, and Audit Capabilities in Microsoft 365

Chapter 15: Describing Insider Risk, eDiscovery, and Audit Capabilities in Microsoft 365

Technical requirements

The insider risk management solution

Information barriers and Customer Lockbox

The Core eDiscovery workflow

The core audit capabilities of Microsoft 365

Chapter 16: Describing Resource Governance Capabilities in Azure

Chapter 16: Describing Resource Governance Capabilities in Azure

Technical requirements

Azure Policy and its use cases

Azure Blueprints

Chapter 17: Final Assessment/ Mock Exam

Chapter 17: Final Assessment/ Mock Exam

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Defining common identity attacks

As stated in the first section of this chapter, identity and access is the security perimeter when utilizing cloud services. Therefore, many of the most common security threats to our companies are identity-based attacks. Identity attacks are focused on stealing the credentials of a user and then using these credentials to authenticate to services that that user is authorized to access.

Let's look at some of the more common types of identity attacks.

A password-based attack is when an attacker is attempting to guess the combination of username and password to gain access. A password spray attack is a password-based attack where the attacker is utilizing a list of weak passwords against a username to gain access. A brute-force attack is similar to a password spray attack; it attempts many passwords against multiple accounts to find a weak password on an account. In all of these attacks, when an attacker finds a match on a username and password...