🧭 Overview
Exam Code: SC-900
Certification: Microsoft Certified: Security, Compliance, and Identity Fundamentals
Audience: Individuals starting their journey in cybersecurity, cloud security, or governance within Microsoft environments.
Exam Format: Multiple choice, scenario-based questions
Time Limit: ~45 minutes
Passing Score: 700 (on a 100–1000 scale)
Cost: Varies by region
Official Site: Microsoft Certification SC-900
✅ Skills Measured
| Domain | Weight |
|---|---|
| Describe the concepts of security, compliance, and identity (SCI) | 10–15% |
| Describe the capabilities of Microsoft Entra (identity and access management) | 25–30% |
| Describe the capabilities of Microsoft security solutions | 35–40% |
| Describe the capabilities of Microsoft compliance solutions | 20–25% |
🧱 Exam Topics Breakdown
1. Security, Compliance & Identity (SCI) Concepts
Shared responsibility model in the cloud
Zero Trust principles and Defense-in-Depth
Security vs compliance vs identity
Authentication, authorization, identity types
Governance, Risk, and Compliance (GRC)
2. Microsoft Entra Identity & Access Management
Identity types: user, service, device, workload
Authentication methods: MFA, SSPR, passwordless
Conditional Access policies
Role-based access control (RBAC)
Microsoft Entra ID Protection and Identity Governance
Microsoft Entra External ID
3. Microsoft Security Solutions
Microsoft Defender for:
Endpoint
Office 365
Identity
Cloud Apps
Cloud (Azure Security Center)
Microsoft Sentinel (SIEM & SOAR capabilities)
Azure Firewall, DDoS Protection, Key Vault, Bastion
Microsoft Intune (Endpoint security and compliance)
4. Microsoft Compliance Solutions
Microsoft Purview:
Information Protection (labels, DLP)
Insider Risk Management
Communication Compliance
eDiscovery
Data Lifecycle Management
Compliance Manager
Compliance Score
Microsoft Trust Center and Service Trust Portal
📅 4-Week Study Plan
| Week | Topics | Resources |
|---|---|---|
| Week 1 | SCI Concepts + Identity Basics | Microsoft Learn: Introduction to SCI |
| Week 2 | Microsoft Entra (IAM) | Microsoft Learn: Identity & Access Capabilities |
| Week 3 | Microsoft Security Solutions | Microsoft Learn: Security Solutions |
| Week 4 | Microsoft Compliance Tools | Microsoft Learn: Compliance Solutions; Review & practice exam |
🎓 Microsoft Official Learning Resources
✅ SC-900 Learning Path on Microsoft Learn (Free)
✅ Microsoft Instructor-Led Training: SC-900T00-A
✅ Microsoft Practice Assessment for SC-900
✅ Certification Skills Outline PDF (Download from Microsoft site)
🧠 Study Tips
Use Microsoft Learn for all modules – each one includes interactive labs and quizzes.
Take the official practice assessment after completing your learning path.
Use a trial Microsoft 365 or Azure subscription to explore tools like Microsoft Entra, Defender, and Purview hands-on.
Memorize key terminology like Zero Trust, Conditional Access, RBAC, and Microsoft Purview components.
Focus on “describe” level understanding—you don’t need to configure the tools, but know what each does.
✅ Before the Exam
Complete all Microsoft Learn modules for SC-900
Take the official Microsoft Practice Assessment
Review your weak areas using module summaries
Schedule and take the exam via Pearson VUE or Certiport
