Skills at a glance

• Describe the concepts of security, compliance, and identity (10–15%)

• Describe the capabilities of Microsoft Entra (25–30%)

• Describe the capabilities of Microsoft security solutions (35–40%)

• Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe the concepts of security, compliance, and identity (10–15%)

Describe the capabilities of Microsoft Entra (25–30%)

Describe the capabilities of Microsoft security solutions (35–40%)

Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe the concepts of security, compliance, and identity (10–15%)

Describe security and compliance concepts

• Describe the shared responsibility model

• Describe defense-in-depth

• Describe the Zero Trust model

• Describe encryption and hashing

• Describe Governance, Risk, and Compliance (GRC) concepts

Describe the shared responsibility model

Describe defense-in-depth

Describe the Zero Trust model

Describe encryption and hashing

Describe Governance, Risk, and Compliance (GRC) concepts

Define identity concepts

• Define identity as the primary security perimeter

• Define authentication

• Define authorization

• Describe identity providers

• Describe the concept of directory services and Active Directory

• Describe the concept of federation

Define identity as the primary security perimeter

Define authentication

Define authorization

Describe identity providers

Describe the concept of directory services and Active Directory

Describe the concept of federation

Describe the capabilities of Microsoft Entra (25–30%)

Describe function and identity types of Microsoft Entra ID

• Describe Microsoft Entra ID

• Describe types of identities

• Describe hybrid identity

Describe Microsoft Entra ID

Describe types of identities

Describe hybrid identity

Describe authentication capabilities of Microsoft Entra ID

• Describe the authentication methods

• Describe multi-factor authentication (MFA)

• Describe password protection and management capabilities

Describe the authentication methods

Describe multi-factor authentication (MFA)

Describe password protection and management capabilities

Describe access management capabilities of Microsoft Entra ID

• Describe Conditional Access

• Describe Microsoft Entra roles and role-based access control (RBAC)

Describe Conditional Access

Describe Microsoft Entra roles and role-based access control (RBAC)

Describe identity protection and governance capabilities of Microsoft Entra

• Describe Microsoft Entra ID Governance

• Describe access reviews

• Describe the capabilities of Microsoft Entra Privileged Identity Management

• Describe Microsoft Entra ID Protection

• Describe Microsoft Entra Permissions Management

Describe Microsoft Entra ID Governance

Describe access reviews

Describe the capabilities of Microsoft Entra Privileged Identity Management

Describe Microsoft Entra ID Protection

Describe Microsoft Entra Permissions Management

Describe the capabilities of Microsoft security solutions (35–40%)

Describe core infrastructure security services in Azure

• Describe Azure distributed denial-of-service (DDoS) Protection

• Describe Azure Firewall

• Describe Web Application Firewall (WAF)

• Describe network segmentation with Azure virtual networks

• Describe network security groups (NSGs)

• Describe Azure Bastion

• Describe Azure Key Vault

Describe Azure distributed denial-of-service (DDoS) Protection

Describe Azure Firewall

Describe Web Application Firewall (WAF)

Describe network segmentation with Azure virtual networks

Describe network security groups (NSGs)

Describe Azure Bastion

Describe Azure Key Vault

Describe security management capabilities of Azure

• Describe Microsoft Defender for Cloud

• Describe Cloud Security Posture Management (CSPM)

• Describe how security policies and initiatives improve the cloud security posture

• Describe enhanced security features provided by cloud workload protection

Describe Microsoft Defender for Cloud

Describe Cloud Security Posture Management (CSPM)

Describe how security policies and initiatives improve the cloud security posture

Describe enhanced security features provided by cloud workload protection

Describe capabilities of Microsoft Sentinel

• Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)

• Describe threat detection and mitigation capabilities in Microsoft Sentinel

Define the concepts of security information and event management (SIEM) and security orchestration automated response (SOAR)

Describe threat detection and mitigation capabilities in Microsoft Sentinel

Describe threat protection with Microsoft Defender XDR

• Describe Microsoft Defender XDR services

• Describe Microsoft Defender for Office 365

• Describe Microsoft Defender for Endpoint

• Describe Microsoft Defender for Cloud Apps

• Describe Microsoft Defender for Identity

• Describe Microsoft Defender Vulnerability Management

• Describe Microsoft Defender Threat Intelligence (Defender TI)

• Describe the Microsoft Defender portal

Describe Microsoft Defender XDR services

Describe Microsoft Defender for Office 365

Describe Microsoft Defender for Endpoint

Describe Microsoft Defender for Cloud Apps

Describe Microsoft Defender for Identity

Describe Microsoft Defender Vulnerability Management

Describe Microsoft Defender Threat Intelligence (Defender TI)

Describe the Microsoft Defender portal

Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe Microsoft Service Trust Portal and privacy principles

• Describe the Service Trust Portal offerings

• Describe the privacy principles of Microsoft

• Describe Microsoft Priva

Describe the Service Trust Portal offerings

Describe the privacy principles of Microsoft

Describe Microsoft Priva

Describe compliance management capabilities of Microsoft Purview

• Describe the Microsoft Purview compliance portal

• Describe Compliance Manager

• Describe the uses and benefits of compliance score

Describe the Microsoft Purview compliance portal

Describe Compliance Manager

Describe the uses and benefits of compliance score

Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview

• Describe the data classification capabilities

• Describe the benefits of Content explorer and Activity explorer

• Describe sensitivity labels and sensitivity label policies

• Describe data loss prevention (DLP)

• Describe records management

• Describe retention policies, retention labels, and retention label policies

• Describe unified data governance solutions in Microsoft Purview

Describe the data classification capabilities

Describe the benefits of Content explorer and Activity explorer

Describe sensitivity labels and sensitivity label policies

Describe data loss prevention (DLP)

Describe records management

Describe retention policies, retention labels, and retention label policies

Describe unified data governance solutions in Microsoft Purview

Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview

• Describe insider risk management

• Describe eDiscovery solutions in Microsoft Purview

• Describe audit solutions in Microsoft Purview

Describe insider risk management

Describe eDiscovery solutions in Microsoft Purview

Describe audit solutions in Microsoft Purview