- Article
Purpose of this document
This study guide should help you understand what to expect on the examand includes a summary of the topics the exam might cover and links toadditional resources. The information and materials in this documentshould help you focus your studies as you prepare for the exam.
| Useful links | Description |
|---|---|
| Review the skills measured as of April 25, 2024 | This list represents the skills measured AFTER the date provided. Study this list if you plan to take the exam AFTER that date. |
| Review the skills measured prior to April 25, 2024 | Study this list of skills if you take your exam PRIOR to the date provided. |
| Change log | You can go directly to the change log if you want to see the changes that will be made on the date provided. |
| How to earn the certification | Some certifications only require passing one exam, while others require passing multiple exams. |
| Your Microsoft Learn profile | Connecting your certification profile to Microsoft Learn allows you to schedule and renew exams and share and print certificates. |
| Exam scoring and score reports | A score of 700 or greater is required to pass. |
| Exam sandbox | You can explore the exam environment by visiting our exam sandbox. |
| Request accommodations | If you use assistive devices, require extra time, or need modification to any part of the exam experience, you can request an accommodation. |
| Take a free Practice Assessment | Test your skills with practice questions to help you prepare for the exam. |
Updates to the exam
Our exams are updated periodically to reflect skills that are requiredto perform a role. We have included two versions of the Skills Measuredobjectives depending on when you are taking the exam.
We always update the English language version of the exam first. Someexams are localized into other languages, and those are updatedapproximately eight weeks after the English version is updated. WhileMicrosoft makes every effort to update localized versions as noted,there may be times when the localized versions of an exam are notupdated on this schedule. Other available languages are listed in theSchedule Exam section of the Exam Details webpage. If the examisn't available in your preferred language, you can request anadditional 30 minutes to complete the exam.
Note
The bullets that follow each of the skills measured are intended toillustrate how we are assessing that skill. Related topics may becovered in the exam.
Note
Most questions cover features that are general availability (GA). Theexam may contain questions on Preview features if those features arecommonly used.
Skills measured as of April 25, 2024
Audience profile
This exam is targeted to you, if you’re looking to familiarize yourselfwith the fundamentals of security, compliance, and identity (SCI) acrosscloud-based and related Microsoft services.
If you have an interest in Microsoft SCI solutions, this exam is foryou, whether you’re a:
Business stakeholder
New or existing IT professional
Student
You should be familiar with Microsoft Azure and Microsoft 365 and wantto understand how Microsoft SCI solutions can span across these solutionareas to provide a holistic and end-to-end solution.
Skills at a glance
Describe the concepts of security, compliance, and identity (10–15%)
Describe the capabilities of Microsoft Entra (25–30%)
Describe the capabilities of Microsoft security solutions (35–40%)
Describe the capabilities of Microsoft compliance solutions (20–25%)
Describe the concepts of security, compliance, and identity (10–15%)
Describe security and compliance concepts
Describe the shared responsibility model
Describe defense-in-depth
Describe the Zero Trust model
Describe encryption and hashing
Describe Governance, Risk, and Compliance (GRC) concepts
Define identity concepts
Define identity as the primary security perimeter
Define authentication
Define authorization
Describe identity providers
Describe the concept of directory services and Active Directory
Describe the concept of federation
Describe the capabilities of Microsoft Entra (25–30%)
Describe function and identity types of Microsoft Entra ID
Describe Microsoft Entra ID
Describe types of identities
Describe hybrid identity
Describe authentication capabilities of Microsoft Entra ID
Describe the authentication methods
Describe multi-factor authentication (MFA)
Describe password protection and management capabilities
Describe access management capabilities of Microsoft Entra ID
Describe Conditional Access
Describe Microsoft Entra roles and role-based access control (RBAC)
Describe identity protection and governance capabilities of Microsoft Entra
Describe Microsoft Entra ID Governance
Describe access reviews
Describe the capabilities of Microsoft Entra Privileged IdentityManagement
Describe Entra ID Protection
Describe Microsoft Entra Permissions Management
Describe the capabilities of Microsoft security solutions (35–40%)
Describe core infrastructure security services in Azure
Describe Azure distributed denial-of-service (DDoS) Protection
Describe Azure Firewall
Describe Web Application Firewall (WAF)
Describe network segmentation with Azure virtual networks
Describe network security groups (NSGs)
Describe Azure Bastion
Describe Azure Key Vault
Describe security management capabilities of Azure
Describe Microsoft Defender for Cloud
Describe Cloud Security Posture Management (CSPM)
Describe how security policies and initiatives improve the cloudsecurity posture
Describe enhanced security features provided by cloud workloadprotection
Describe capabilities of Microsoft Sentinel
Define the concepts of security information and event management(SIEM) and security orchestration automated response (SOAR)
Describe threat detection and mitigation capabilities in MicrosoftSentinel
Describe threat protection with Microsoft Defender XDR
Describe Microsoft Defender XDR services
Describe Microsoft Defender for Office 365
Describe Microsoft Defender for Endpoint
Describe Microsoft Defender for Cloud Apps
Describe Microsoft Defender for Identity
Describe Microsoft Defender Vulnerability Management
Describe Microsoft Defender Threat Intelligence (Defender TI)
Describe the Microsoft Defender portal
Describe the capabilities of Microsoft compliance solutions (20–25%)
Describe Microsoft Service Trust Portal and privacy principles
Describe the Service Trust Portal offerings
Describe the privacy principles of Microsoft
Describe Microsoft Priva
Describe compliance management capabilities of Microsoft Purview
Describe the Microsoft Purview compliance portal
Describe Compliance Manager
Describe the uses and benefits of compliance score
Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview
Describe the data classification capabilities
Describe the benefits of Content explorer and Activity explorer
Describe sensitivity labels and sensitivity label policies
Describe data loss prevention (DLP)
Describe records management
Describe retention policies, retention labels, and retention labelpolicies
Describe unified data governance solutions in Microsoft Purview
Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview
Describe insider risk management
Describe eDiscovery solutions in Microsoft Purview
Describe audit solutions in Microsoft Purview
Study resources
We recommend that you train and get hands-on experience before you takethe exam. We offer self-study options and classroom training as well aslinks to documentation, community sites, and videos.
| Study resources | Links to learning and documentation |
|---|---|
| Get trained | Choose from self-paced learning paths and modules or take an instructor-led course |
| Find documentation | Microsoft security documentation Azure security documentation Microsoft Entra ID documentation Microsoft Sentinel documentation Microsoft 365 Defender documentation Microsoft Purview Get started with the Microsoft Service Trust Portal |
| Ask a question | |
| Get community support | Security, compliance, and identity community hub |
| Follow Microsoft Learn | Microsoft Learn - Microsoft Tech Community |
| Find a video | Exam Readiness Zone Microsoft Learn Shows |
Change log
Key to understanding the table: The topic groups (also known asfunctional groups) are in bold typeface followed by the objectiveswithin each group. The table is a comparison between the two versions ofthe exam skills measured and the third column describes the extent ofthe changes.
| Skill area prior to April 25, 2024 | Skill area as of April 25, 2024 | Change |
|---|---|---|
| Audience profile | No change | |
| Describe the concepts of security, compliance, and identity | Describe the concepts of security, compliance, and identity | No change |
| Describe security and compliance concepts | Describe security and compliance concepts | No change |
| Define identity concepts | Define identity concepts | No change |
| Describe the capabilities of Microsoft Entra | Describe the capabilities of Microsoft Entra | No change |
| Describe function and identity types of Microsoft Entra ID | Describe function and identity types of Microsoft Entra ID | No change |
| Describe authentication capabilities of Microsoft Entra ID | Describe authentication capabilities of Microsoft Entra ID | No change |
| Describe access management capabilities of Microsoft Entra ID | Describe access management capabilities of Microsoft Entra ID | No change |
| Describe identity protection and governance capabilities of Microsoft Entra | Describe identity protection and governance capabilities of Microsoft Entra | No change |
| Describe the capabilities of Microsoft security solutions | Describe the capabilities of Microsoft security solutions | No change |
| Describe core infrastructure security services in Azure | Describe core infrastructure security services in Azure | No change |
| Describe security management capabilities of Azure | Describe security management capabilities of Azure | No change |
| Describe capabilities of Microsoft Sentinel | Describe capabilities of Microsoft Sentinel | No change |
| Describe threat protection with Microsoft 365 Defender | Describe threat protection with Microsoft Defender XDR | Minor |
| Describe the capabilities of Microsoft compliance solutions | Describe the capabilities of Microsoft compliance solutions | No change |
| Describe Microsoft Service Trust Portal and privacy principles | Describe Microsoft Service Trust Portal and privacy principles | No change |
| Describe compliance management capabilities of Microsoft Purview | Describe compliance management capabilities of Microsoft Purview | No change |
| Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview | Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview | No change |
| Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview | Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview | No change |
Skills measured prior to April 25, 2024
Audience profile
This exam is targeted to you, if you’re looking to familiarize yourselfwith the fundamentals of security, compliance, and identity (SCI) acrosscloud-based and related Microsoft services.
If you have an interest in Microsoft SCI solutions, this exam is foryou, whether you’re a:
Business stakeholder
New or existing IT professional
Student
You should be familiar with Microsoft Azure and Microsoft 365 and wantto understand how Microsoft SCI solutions can span across these solutionareas to provide a holistic and end-to-end solution.
Skills at a glance
Describe the concepts of security, compliance, and identity (10–15%)
Describe the capabilities of Microsoft Entra (25–30%)
Describe the capabilities of Microsoft security solutions (35–40%)
Describe the capabilities of Microsoft compliance solutions (20–25%)
Describe the concepts of security, compliance, and identity (10–15%)
Describe security and compliance concepts
Describe the shared responsibility model
Describe defense-in-depth
Describe the Zero Trust model
Describe encryption and hashing
Describe Governance, Risk, and Compliance (GRC) concepts
Define identity concepts
Define identity as the primary security perimeter
Define authentication
Define authorization
Describe identity providers
Describe the concept of directory services and Active Directory
Describe the concept of federation
Describe the capabilities of Microsoft Entra (25–30%)
Describe function and identity types of Microsoft Entra ID
Describe Microsoft Entra ID
Describe types of identities
Describe hybrid identity
Describe authentication capabilities of Microsoft Entra ID
Describe the authentication methods
Describe multi-factor authentication (MFA)
Describe password protection and management capabilities
Describe access management capabilities of Microsoft Entra ID
Describe Conditional Access
Describe Microsoft Entra roles and role-based access control (RBAC)
Describe identity protection and governance capabilities of Microsoft Entra
Describe Microsoft Entra ID Governance
Describe access reviews
Describe the capabilities of Microsoft Entra Privileged IdentityManagement
Describe Entra ID Protection
Describe Microsoft Entra Permissions Management
Describe the capabilities of Microsoft security solutions (35–40%)
Describe core infrastructure security services in Azure
Describe Azure distributed denial-of-service (DDoS) Protection
Describe Azure Firewall
Describe Web Application Firewall (WAF)
Describe network segmentation with Azure virtual networks
Describe network security groups (NSGs)
Describe Azure Bastion
Describe Azure Key Vault
Describe security management capabilities of Azure
Describe Microsoft Defender for Cloud
Describe Cloud Security Posture Management (CSPM)
Describe how security policies and initiatives improve the cloudsecurity posture
Describe enhanced security features provided by cloud workloadprotection
Describe capabilities of Microsoft Sentinel
Define the concepts of security information and event management(SIEM) and security orchestration automated response (SOAR)
Describe threat detection and mitigation capabilities in MicrosoftSentinel
Describe threat protection with Microsoft 365 Defender
Describe Microsoft 365 Defender services
Describe Microsoft Defender for Office 365
Describe Microsoft Defender for Endpoint
Describe Microsoft Defender for Cloud Apps
Describe Microsoft Defender for Identity
Describe Microsoft Defender Vulnerability Management
Describe Microsoft Defender Threat Intelligence (Defender TI)
Describe the Microsoft 365 Defender portal
Describe the capabilities of Microsoft compliance solutions (20–25%)
Describe Microsoft Service Trust Portal and privacy principles
Describe the Service Trust Portal offerings
Describe the privacy principles of Microsoft
Describe Microsoft Priva
Describe compliance management capabilities of Microsoft Purview
Describe the Microsoft Purview compliance portal
Describe Compliance Manager
Describe the uses and benefits of compliance score
Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview
Describe the data classification capabilities
Describe the benefits of Content explorer and Activity explorer
Describe sensitivity labels and sensitivity label policies
Describe data loss prevention (DLP)
Describe records management
Describe retention policies, retention labels, and retention labelpolicies
Describe unified data governance solutions in Microsoft Purview
Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview
Describe insider risk management
Describe eDiscovery solutions in Microsoft Purview
Describe audit solutions in Microsoft Purview
