Module 01: Describe the concepts of security, compliance, and identity
Describe security and compliance concepts
- Describe the shared responsibility model
- Describe defense-in-depth
- Describe the Zero Trust model
- Describe encryption and hashing
- Describe Governance, Risk, and Compliance (GRC) concepts
Define identity concepts
- Define identity as the primary security perimeter
- Define authentication
- Define authorization
- Describe identity providers
- Describe the concept of directory services and Active Directory
- Describe the concept of federation
Module 02: Describe the capabilities of Microsoft Entra
Describe function and identity types of Microsoft Entra ID
- Describe Microsoft Entra ID
- Describe types of identities
- Describe hybrid identity
Describe authentication capabilities of Microsoft Entra ID
- Describe the authentication methods
- Describe multi-factor authentication (MFA)
- Describe password protection and management capabilities
Describe access management capabilities of Microsoft Entra ID
- Describe Conditional Access
- Describe Microsoft Entra roles and role-based access control (RBAC)
Describe identity protection and governance capabilities of Microsoft Entra
- Describe Microsoft Entra ID Governance
- Describe access reviews
- Describe the capabilities of Microsoft Entra Privileged Identity Management
- Describe Microsoft Entra ID Protection
Module 03: Describe the capabilities of Microsoft security solutions
Describe core infrastructure security services in Azure
- Describe Azure distributed denial-of-service (DDoS) Protection
- Describe Azure Firewall
- Describe Web Application Firewall (WAF)
- Describe network segmentation with Azure virtual networks
- Describe network security groups (NSGs)
- Describe Azure Bastion
- Describe Azure Key Vault
Describe security management capabilities of Azure
- Describe Microsoft Defender for Cloud
- Describe Cloud Security Posture Management (CSPM)
- Describe how security policies and initiatives improve the cloud security posture
- Describe enhanced security features provided by cloud workload protection
Describe capabilities of Microsoft Sentinel
- Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)
- Describe threat detection and mitigation capabilities in Microsoft Sentinel
Describe threat protection with Microsoft Defender XDR
- Describe Microsoft Defender XDR services
- Describe Microsoft Defender for Office 365
- Describe Microsoft Defender for Endpoint
- Describe Microsoft Defender for Cloud Apps
- Describe Microsoft Defender for Identity
- Describe Microsoft Defender Vulnerability Management
- Describe Microsoft Defender Threat Intelligence (Defender TI)
- Describe the Microsoft Defender portal
Module 04: Describe the capabilities of Microsoft compliance solutions
Describe Microsoft Service Trust Portal and privacy principles
- Describe the Service Trust Portal offerings
- Describe the privacy principles of Microsoft
- Describe Microsoft Priva
Describe compliance management capabilities of Microsoft Purview
- Describe the Microsoft Purview portal
- Describe Compliance Manager
- Describe the uses and benefits of compliance score
Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview
- Describe the data classification capabilities
- Describe the benefits of Content explorer and Activity explorer
- Describe sensitivity labels and sensitivity label policies
- Describe data loss prevention (DLP)
- Describe records management
- Describe retention policies, retention labels, and retention label policies
Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview
- Describe insider risk management
- Describe eDiscovery solutions in Microsoft Purview
- Describe audit solutions in Microsoft Purview
