Microsoft Certified Security, Compliance, and Identity Fundamentals (1 科基礎雲端保安) 國際認可證書課程
課程簡稱：Microsoft SCI Training Course

Microsoft 已更改產品 “Azure AD” 的名稱至新的名稱 “Entra ID” 以統一旗下產品的稱號。“Azure AD” 現有的理論、功能、角色、使用方法、應用程式開發介面 (API) 及指令集 (PowerShell cmdlets) 等等，將於新名稱 “Entra ID” 下保持不變。您於本課程學習 “Azure AD” 技術，將可以繼續於 “Entra ID” 下全數使用於日常工作並應考本課程相關的考試。Microsoft 亦有提及如果您的機構內已部署及正在使用 “Azure AD”，就算產品名稱被改成 “Entra ID”，您亦不需要採取任何行動，您的 I.T. 系統將會繼續運作，並會照樣地獲得與 “Azure AD” 相同的服務水準 (SLA，Service Level Agreement)。

資料來源:
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-is-becoming-microsoft-entra-id/ba-p/2520436

本中心是 Microsoft 認可的合作夥伴 (Microsoft Certified Partner)。

Preface

About Microsoft Azure and Microsoft 365’s Security services and certification

Microsoft integrates more than 50 different categories across security, compliance, identity, device management, and privacy - and most customers save 60 percent on average by leveraging Microsoft’s comprehensive security solutions compared to a multi-vendor strategy.

All Microsoft Security product families work together as one comprehensive solution across clouds and across platforms, helping customers to reduce tool sprawl, maximize value out of what they already have, and reduce complexity.

With recent announcements of Microsoft Entra and Microsoft Purview, Microsoft also aligned their product portfolio with how customers view the totality of their security challenges.

Microsoft Azure and Microsoft 365 provide the following Security Capabilities which would be mentioned throughout our Security, Compliance and Identity training course:

• Azure AD authentication and Hybrid Active Directory deployment
• Azure AD Multi-Factor Authentication (MFA) and Windows Hello
• Conditional Access and Role Based Access Control
• Privileged Identity Management (PIM) & Azure AD Identity Protection
• Microsoft Defender for Identity and Microsoft Defender for Endpoint
• Microsoft Defender Application Guard and Application Control
• Microsoft Defender and Attack Simulator
• Windows and Non-Windows Device Encryption
• Microsoft Sentinel
• Sensitivity Labels and Policies
• Data Loss Prevention (DLP)
• Microsoft Cloud App Security
• Governance and Compliance features in Microsoft 365
• Microsoft Endpoint Manager Admin Center and Microsoft Defender for Endpoint
• Microsoft 365 Security Center
• eDiscovery, investigation tools and Auditing
• Data privacy regulation compliance with GDPR

“Microsoft surpasses $10 billion in security business revenue, more than 40 percent year-over-year growth!” ~said CEO Satya Nadella

Today, Microsoft help secure more than 400,000 customers across 120 countries. These range from small businesses to large enterprises, with 90 of the Fortune 100 using four or more of Microsoft’s security, compliance, identity, and management solutions.

Microsoft Certified Security, Compliance and Identity Fundamentals

This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based, Microsoft on-premises and hybrid services.

This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.

About the course

Our training course will guide you through carefully selected examination topics, along with real-life examples, practical demonstration and business cases of implementing, verifying and maintaining various Microsoft 365, Microsoft Azure Cloud and Hybrid environment Security features with the latest operating systems.

Evaluations, Pros and Cons and may be comparisons of different Microsoft Security products would be verbally provided throughout the training course.

Security, Compliance and Identity standards and technical strategies will be discussed throughout the course, this enables you and your organization to reliably achieve security objectives, address uncertainties and act with integrity.

本中心為Microsoft指定的考試試場。報考時請致電本中心，登記欲報考之科目考試編號、考試日期及時間 (最快可即日報考)。臨考試前要出示身份證及繳付每科HK$566之考試費。

考試題目由澳洲考試中心傳送到你要應考的電腦，考試時以電腦作答。所有考試題目均為英文，而大多數的考試題目為單項及多項選擇題。

考試合格後會收到來自Microsoft的作實電郵，並進入該電郵內的連結，登入 Microsoft Credentials Dashboard 下載您的證書。

考試不合格便可重新報考，不限次數。欲知道作答時間、題目總數、合格分數等詳細考試資料，可瀏覽本中心網頁 "各科考試分數資料"。

SC-900 Microsoft Security, Compliance, and Identity Fundamentals (18 hrs)

Describe security and compliance concepts
• Describe the shared responsibility model
• Describe defense in depth
• Describe the Zero-Trust model
• Describe encryption and hashing
• Describe compliance concepts

Define identity concepts
• Define identity as the primary security perimeter
• Define authentication
• Define authorization
• Describe identity providers
• Describe Active Directory
• Describe the concept of Federation

Describe the basic identity services and identity types of Azure AD
• Describe Azure AD
• Describe Azure AD identities
• Describe hybrid identity
• Describe the different external identity types

Describe the authentication capabilities of Azure AD
• Describe the authentication methods available in Azure AD
• Describe Multi-factor Authentication
• Describe self-service password reset
• Describe password protection and management capabilities available in Azure AD

Describe access management capabilities of Azure AD
• Describe conditional access
• Describe the benefits of Azure AD roles
• Describe the benefits of Azure AD role-based access control

Describe the identity protection and governance capabilities of Azure AD
• Describe identity governance in Azure AD
• Describe entitlement management and access reviews
• Describe the capabilities of Azure AD Privileged Identity Management (PIM)
• Describe Azure AD Identity Protection

Describe basic security capabilities in Azure
• Describe Azure DDoS protection
• Describe Azure Firewall
• Describe Web Application Firewall
• Describe Network Segmentation with VNet
• Describe Azure Network Security groups
• Describe Azure Bastion and JIT Access
• Describe ways Azure encrypts data

Describe security management capabilities of Azure
• Describe Cloud security posture management (CSPM)
• Describe Microsoft Defender for Cloud
• Describe the enhanced security features of Microsoft Defender for Cloud
• Describe security baselines for Azure

Describe security capabilities of Microsoft Sentinel
• Define the concepts of SIEM and SOAR
• Describe how Microsoft Sentinel provides integrated threat management

Describe threat protection with Microsoft 365 Defender
• Describe Microsoft 365 Defender services
• Describe Microsoft Defender for Office 365
• Describe Microsoft Defender for Endpoint
• Describe Microsoft Defender for Cloud Apps
• Describe Microsoft Defender for Identity
• Describe the Microsoft 365 Defender portal

Describe Microsoft’s Service Trust Portal and privacy principles
• Describe the offerings of the Service Trust portal
• Describe Microsoft’s privacy principles

Describe the compliance management capabilities of Microsoft Purview
• Describe the Microsoft Purview compliance portal
• Describe compliance manager
• Describe the use and benefits of compliance score

Describe information protection and data lifecycle management capabilities of Microsoft Purview
• Describe data classification capabilities
• Describe the benefits of content explorer and activity explorer
• Describe sensitivity labels
• Describe Data Loss Prevention (DLP)
• Describe Records Management
• Describe Retention Polices and Retention Labels

Describe insider risk capabilities in Microsoft Purview
• Describe Insider Risk Management
• Describe communication compliance
• Describe information barriers

Describe resource governance capabilities in Azure
• Describe Azure Policy
• Describe Azure Blueprints
• Describe the capabilities in the Microsoft Purview governance portal

The course content above may change at any time without notice in order to better reflect the contents of examination.