SC-900: MS Security, Compliance and Identity Fundamentals by Microsoft Learn
- Concepts of security, compliance and identity
- Security and compliance concepts
- Shared Responsibility Model, more info: MS Learn
- For data in use (CPU and RAM)
- Identity as primary security perimeter
- Directory Services & Active Directory
- Active Directory Domain Services (AD DS)
- MS Entra ID (previously Azure Active Directory)
- Function and Identity types
- MS Entra registered device
- MS Intune
- Mobile Device Management (MDM)
- Mobile Application Management (MAM)
- MS Entra hybrid joined devices
- Inter-directory provisioning
- Workforce (B2B collaboration)
- External (External ID is for consumers and business customers)
- Authentication, more info: MS Docs
- OATH TOTP hardware tokens
- Windows Hello for Business
- Certificate + PIN + Biometrics
- FIDO2 (Fast Identity Online)
- Self-service Password Reset (SSPR)
- Assigned MS Entra ID license
- Enabled for SSPR by Admin
- Registered chosen authentication method (for SSPR)
- Password protection and management capabilities
- Global banned password list
- Custom banned password lists
- Protecting against password spray
- Access Management capabilities
- Global Secure Access, a.k.a. Security Service Edge (SSE)
- MS Entra RBAC vs Azure RBAC
- Identity Protection and Governance capabilities
- Which users should have access to which resources?
- What are those users doing with that access?
- Are there effective organizational controls for managing access?
- Can auditors verify that the controls are working?
- Privileged access lifecycle
- Manage user and guest user access with access reviews
- Multi-stage access reviews
- Microsoft Entra terms of use
- Privileged Identity Management (PIM)
- MS Entra Identity Protection
- MS Entra Permissions Management
- Central piece of Zero Trust security strategy
- Cross-cloud permissions discovery (AWS, Azure and GCP)
- Automate deletion of permissions unused for the past 90 days
- ML-powered monitoring capabilities
- MS Entra integration with MS Copilot for Security
- Capabilities of MS Security Solutions
- Embedded (MS Defender XDR)
- Global administrator (MS Entra ID)
- Security administrator (MS Entra ID)
- Security operator (MS Entra ID)
- Security reader (MS Entra ID)
- Copilot owner (MS Copilot role)
- Copilot contributor (MS Copilot role)
- Core infrastructure services in Azure
- Resource (application layer)
- Protects layer 3 (network) and layer 4 (transport)
- DDoS Network Protection (premium)
- Stands on top of a virtual network
- Built-in high availability and availability zones
- Network and application level filtering
- Source and destination network address translation (NAT)
- Integration with Azure services
- Integration with Copilot for Security
- Best to deploy on top of Central VNet
- Using Virtual Networks (VNets)
- Direction (inbound vs outbound)
- RDP and SSH directly in Azure Portal
- Remote session over TLS and firewall traversal for RDP/SSH
- No public IP required on the Azure VM
- Protection against port scanning
- Hardening in one place to protect against zero-day exploits
- Integration with Copilot for Security
- Security management capabilities in Azure
- Development Security Operations (DevSecOps)
- Security Management - Defender for DevOps
- Cloud Security Posture Management (CSPM) - default security initiative
- Hardening recommendations
- Integration with MS Copilot for Security
- Cloud Workload Protection Platform (CWPP)
- MCSB (MS Cloud Security Benchmark) - enabled by default when enabling MS Defender for Cloud
- Short description of issue
- Remediation steps to carry out in order to implement the recommendation
- MS Defender for App Service
- MS Defender for Kubernetes
- MS Defender for container registries
- MS Defender for Key Vault
- MS Defender for Resource Manager
- MS Defender for open-source relational databases
- Comprehensive endpoint detection and response
- Track compliance with a range of standards
- Access and application controls
- Security capabilities of MS Sentinel
- Threat detection and mitigation capabilities
- Out-of-the-box data connectors
- Out-of-the-box security content
- Integration with MS Copilot for Security
- MS Sentinel (Preview) plugin
- Natural language to KQL for MS Sentinel (Preview) plugin
- MS Sentinel with Copilot in Defender
- Threat protection with MS Defender XDR
- MS Defender for Office 365
- Core Defender Vulnerability Management
- Next generation protection
- Endpoint detection and response
- Automated investigation and remediation (AIR)
- Microsoft Secure Score for Devices
- MS Defender for Cloud Apps
- Discover SaaS applications
- SaaS Security Posture Management (SSPM)
- Advanced threat protection
- App-to-app protection with app governance
- Proactively assess your identity posture
- Detect threats using real-time analytics and data intelligence
- Investigate alerts and user activities
- MS Defender Vulnerability Management
- Continuous asset discovery and monitoring
- Risk-based intelligent prioritization
- MS Defender Threat Intelligence
- MS Defender for Office 365 - Email & collaboration
- Attack simulation training
- MS Defender for Endpoint - Endpoints
- MS Defender for Cloud Apps - Cloud apps
- MS Defender for Identity - Identities
- MS Defender Threat Intelligence - Threat intelligence
- MS Copilot for Security integration with MS Threat Intelligence
- Copilot integration with MS Defender XDR
- Natural language to KQL for Microsoft Defender XDR
- Analyze scripts and code
- Summarize devices and identities
- Move to standalone experience
- Capabilities of MS Priva and MS Purview
- MS Service Trust Portal & privacy capabilities
- Certifications, Regulations and Standards
- Reports, Whitepapers and Artifacts
- Industry and Regional Resources
- Resources for your Organization
- Microsoft's privacy principles
- No content-based targeting
- Personalized customer experience
- Find and mitigate data transfers
- Consent Management (preview)
- Privacy Assessments (preview)
- Tracker Scanning (preview)
- Data security solutions of MS Purview
- Data classification capabilities
- Sensitive information types (SIT)
- Custom trainable classifiers
- Understand and explore the data
- Apply the label automatically
- Protect content in containers such as sites and groups
- Extend sensitivity labels to third-party apps and services
- Classify content without using any protection settings
- Data loss prevention (DLP)
- Protective actions of DLP policies
- Block the sharing with override option
- Block the sharing without override option
- For data at rest, lock sensitive items and move them to quarantine
- For Teams chat, hide the sensitive information
- Integration with MS Copilot for Security
- Integration with MS Copilot for Security
- Choose the users and groups that can see labels
- Require justifications for label changes
- Require users to apply a label (mandatory labeling)
- Link users to custom help pages
- Data compliance solutions of MS Purview
- Audit Standard (default) - retention 180 days
- Supported MS 365 solutions
- Escalate from trigger event
- Search, evaluate results, and refine
- Review and take action from review sets
- Features and capabilities
- Place content locations on hold
- Conversation threading (premium)
- Integration with MS Copilot for Security
- Benefits of Compliance Manager
- Integration with MS Copilot for Security
- Data Lifecycle Management
- Retention policies & retention labels
- Labeling content as a record
- Establishing retention and deletion policies within the record label
- Triggering event-based retention
- Reviewing and validating disposition
- Proof of records deletion
- Exporting information about disposed items
- Records vs Regulatory Records
- Data governance solutions of MS Purview
- Concepts and benefits of data governance
- Data roles and responsibilities