0% found this document useful (0 votes)

11 views

SC-900 Resume - 3

The document outlines the capabilities of Microsoft Identity and Access Management solutions, focusing on identity principles, authentication methods, access management, and identity protection. Key features include Single Sign-On (SSO), Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and Microsoft Entra ID functionalities. It emphasizes the importance of secure authentication, access control, and identity lifecycle management to mitigate risks and enhance user experience.

Uploaded by

userg

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

11 views

SC-900 Resume - 3

Uploaded by

userg

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 4

SC-900 Module 2: Describe the Capabilities

of Microsoft Identity and Access

Management Solutions
1. Identity Principles and Functions
Identity Principles (Concepts)

 Identity → A digital representation of a user, device, or app.

 Authentication → Verifies identity (e.g., password, MFA).
 Authorization → Grants or denies access based on policies.
 Access Control → Ensures users have the right level of access.

Identity Functions (Actions performed by identity systems)

 User Authentication → Ensures only authorized users access resources.

 Access Management → Controls permissions using policies like RBAC.
 Identity Protection → Detects and mitigates identity risks.
 Lifecycle Management → Automates user provisioning and deprovisioning.

2. Authentication Capabilities
2.1 Describe Authentication Methods

 Single Sign-On (SSO) → One login for multiple apps and services.
 Passwordless Authentication → Uses FIDO2 security keys, biometrics, or
Authenticator app instead of passwords.
 Windows Hello for Business → Uses PIN or biometrics for secure authentication.

2.2 Describe Multi-Factor Authentication (MFA)

 MFA → Requires multiple authentication factors (e.g., password + SMS code).

 Methods:
o Something you know → Password, PIN.
o Something you have → Authenticator app, FIDO2 security key.
o Something you are → Fingerprint, face recognition.

2.3 Describe Password Protection and Management Capabilities

 Azure AD Password Protection → Blocks weak or leaked passwords.
 Self-Service Password Reset (SSPR) → Users can reset their passwords securely.
 Smart Lockout → Detects and blocks brute-force login attempts.

3. Access Management Capabilities

3.1 Describe Single Sign-On (SSO) Capabilities

 SSO → One authentication grants access to multiple applications.

 Benefits → Improves security and user experience.

3.2 Describe Conditional Access

 Conditional Access → Enforces security policies based on risk signals (user, device,
location).
 Examples:
o Require MFA for high-risk sign-ins.
o Block access from unknown locations.

3.3 Describe Role-Based Access Control (RBAC)

 RBAC → Assigns permissions based on predefined roles (e.g., Admin, Reader).

 Principle of Least Privilege → Users get only the access they need.

3.4 Describe Workload Identities

 Workload Identities → Secure authentication for apps, services, and automation.

4. Identity Protection and Governance Capabilities

4.1 Describe Microsoft Entra ID Protection

 Entra ID Protection → Detects risky sign-ins and compromised accounts.

 Risk Policies:
o Sign-in risk (e.g., unusual location).
o User risk (e.g., leaked credentials).

4.2 Describe Privileged Identity Management (PIM)

 PIM → Provides temporary, just-in-time (JIT) admin access.

 Reduces Risk → Prevents over-privileged accounts.

4.3 Describe Access Reviews

 Access Reviews → Periodically verify if users still need access.

4.4 Describe Identity Lifecycle Management

 Automates user provisioning based on roles and group memberships.

 Removes access automatically when an employee leaves.

5. Microsoft Entra ID Capabilities

5.1 Microsoft Entra ID (Azure AD)

 Manages user identities and access to resources.

 Supports hybrid identity (on-prem + cloud).

5.2 Microsoft Entra Permissions Management

 Monitors and controls permissions across multi-cloud environments (Azure, AWS,

GCP).

5.3 Microsoft Entra Verified ID

 Issues verifiable digital credentials to confirm identities securely without storing

unnecessary personal data.
 Example: A company issues an employee a Verified ID instead of storing ID card
details.

5.4 Microsoft Entra Workload ID

 Protects non-human identities (apps, services, automation).

Summary Table

Category What it Covers Examples

Identity Principles & Authentication, Authorization, Access
Concepts and core functions
Functions Control
Authentication Secure authentication MFA, SSO, Passwordless, FIDO2
Category What it Covers Examples
Capabilities methods
Access Management Controlling access to
RBAC, Conditional Access, SSO
Capabilities resources
Identity Protection & Detecting and managing PIM, Identity Protection, Access
Governance identity risks Reviews
Microsoft Entra ID Permissions Management, Verified
Features of Entra ID
Capabilities ID, Workload ID

Microsoft Entra Identity and Access Presentation
No ratings yet
Microsoft Entra Identity and Access Presentation
61 pages
Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals Second Edition
No ratings yet
Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals Second Edition
420 pages
SC 300T00A ENU PowerPoint 01
No ratings yet
SC 300T00A ENU PowerPoint 01
50 pages
Mitesh Adhar Card
No ratings yet
Mitesh Adhar Card
1 page
AZURE AZ 500 STUDY GUIDE-1: Microsoft Certified Associate Azure Security Engineer: Exam-AZ 500
From Everand
AZURE AZ 500 STUDY GUIDE-1: Microsoft Certified Associate Azure Security Engineer: Exam-AZ 500
Mamta Devi
No ratings yet
Dlextarctmain Do
No ratings yet
Dlextarctmain Do
1 page
Exam SC 900 Microsoft Security Compliance and Identity Fundamentals Skills Measured
No ratings yet
Exam SC 900 Microsoft Security Compliance and Identity Fundamentals Skills Measured
9 pages
MS 100T03A ENU TrainerHandbook PDF
No ratings yet
MS 100T03A ENU TrainerHandbook PDF
85 pages
SC-900 Resume - 2
No ratings yet
SC-900 Resume - 2
4 pages
SC-900 Resume
No ratings yet
SC-900 Resume
14 pages
1 (5)
No ratings yet
1 (5)
32 pages
Define Identity and Access Management in Azure Active Directory
No ratings yet
Define Identity and Access Management in Azure Active Directory
27 pages
Microsoft Certified Security Compliance and Identity Fundamentals Skills Measured
No ratings yet
Microsoft Certified Security Compliance and Identity Fundamentals Skills Measured
4 pages
security compliance and identity fundamentals
No ratings yet
security compliance and identity fundamentals
104 pages
SC-900 Exam Prep
No ratings yet
SC-900 Exam Prep
3 pages
6 CertLibrary - Com SC 900
No ratings yet
6 CertLibrary - Com SC 900
9 pages
1 (4)
No ratings yet
1 (4)
22 pages
Exam SC 900 Microsoft Security Compliance and Identity Fundamentals Skills Measured
No ratings yet
Exam SC 900 Microsoft Security Compliance and Identity Fundamentals Skills Measured
8 pages
Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals - Skills Measured
No ratings yet
Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals - Skills Measured
8 pages
Introduction to Cloud Computing and Data Access Control
No ratings yet
Introduction to Cloud Computing and Data Access Control
11 pages
Microsoft Virtual Training Day Security Compliance and Identity Fundamentals
No ratings yet
Microsoft Virtual Training Day Security Compliance and Identity Fundamentals
130 pages
49_Erica_CC Exp 8c
No ratings yet
49_Erica_CC Exp 8c
8 pages
Krisp Summary
No ratings yet
Krisp Summary
3 pages
SC 900T00A ENU PowerPoint - 01
No ratings yet
SC 900T00A ENU PowerPoint - 01
20 pages
AZ 101T04A ENU TrainerHandbook PDF
100% (2)
AZ 101T04A ENU TrainerHandbook PDF
62 pages
SC-900 Study Guide _ Quill Learning
No ratings yet
SC-900 Study Guide _ Quill Learning
60 pages
Fast Lane Ms SC 900t00
0% (1)
Fast Lane Ms SC 900t00
3 pages
Microsoft Security, Compliance, and Identity Fundamentals: ID MS-SC-900T00 Price On Request Duration 1 Day
No ratings yet
Microsoft Security, Compliance, and Identity Fundamentals: ID MS-SC-900T00 Price On Request Duration 1 Day
3 pages
Describe The Concepts of Security, Compliance, and Identity: 3. Define Defense in Depth
No ratings yet
Describe The Concepts of Security, Compliance, and Identity: 3. Define Defense in Depth
68 pages
MS 500T01A ENU TrainerHandbook
100% (1)
MS 500T01A ENU TrainerHandbook
172 pages
Sample
No ratings yet
Sample
44 pages
Describe The Concepts of Security, Compliance, and Identity (5-10%)
No ratings yet
Describe The Concepts of Security, Compliance, and Identity (5-10%)
3 pages
Correct: Sorting by
No ratings yet
Correct: Sorting by
57 pages
AZURE ACCESS AND Security
No ratings yet
AZURE ACCESS AND Security
20 pages
20BEC1278 ECE1902 Report
No ratings yet
20BEC1278 ECE1902 Report
11 pages
CC Exp 8 66
No ratings yet
CC Exp 8 66
8 pages
Use of Identiity Services
No ratings yet
Use of Identiity Services
5 pages
Describe Security and Compliance Concepts: 1. Describe The Shared Responsibility Model
No ratings yet
Describe Security and Compliance Concepts: 1. Describe The Shared Responsibility Model
71 pages
Complete Download (Ebook) Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals by Yuri Diogenes;Nicholas DiCola;Mark Morowczynski;Kevin McKinnerney; ISBN 9780138363734, 0138363730 PDF All Chapters
100% (3)
Complete Download (Ebook) Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals by Yuri Diogenes;Nicholas DiCola;Mark Morowczynski;Kevin McKinnerney; ISBN 9780138363734, 0138363730 PDF All Chapters
71 pages
sc 900
No ratings yet
sc 900
41 pages
SC 900
No ratings yet
SC 900
9 pages
microsoft entra
No ratings yet
microsoft entra
14 pages
VN Skills Azure
No ratings yet
VN Skills Azure
54 pages
Microsoft Cybersecurity Solutions Group
100% (5)
Microsoft Cybersecurity Solutions Group
63 pages
MCF OD Security Compliance Identity Fundamentals SC-900 0423
No ratings yet
MCF OD Security Compliance Identity Fundamentals SC-900 0423
2 pages
Microsoft Actualtests SC-900 v2021-06-04 by Jack 16q
No ratings yet
Microsoft Actualtests SC-900 v2021-06-04 by Jack 16q
9 pages
An Executive Guide to Identity Access Management - 2nd Edition
From Everand
An Executive Guide to Identity Access Management - 2nd Edition
alasdair gilchrist
4/5 (3)
IAM
No ratings yet
IAM
26 pages
Identity Integrations
No ratings yet
Identity Integrations
7 pages
IAM_QB_6MARKS
No ratings yet
IAM_QB_6MARKS
11 pages
Azure IdentityAccessSecurity (1)
No ratings yet
Azure IdentityAccessSecurity (1)
49 pages
Gcf (Azure) Unit-3 Ppt
No ratings yet
Gcf (Azure) Unit-3 Ppt
22 pages
RBAC ROLE New
No ratings yet
RBAC ROLE New
16 pages
MS-900.1 Microsoft 365 Fundamentals: Subtitle or Speaker Name
100% (1)
MS-900.1 Microsoft 365 Fundamentals: Subtitle or Speaker Name
44 pages
Hyrdh
No ratings yet
Hyrdh
1 page
Reading Material - Azure - Mansi - Unit 3
No ratings yet
Reading Material - Azure - Mansi - Unit 3
18 pages
SC-900 2022
No ratings yet
SC-900 2022
410 pages
Regulatory Compliance Using Identity Management
No ratings yet
Regulatory Compliance Using Identity Management
16 pages
Original
No ratings yet
Original
38 pages
The Keycloak Handbook: Practical Techniques for Identity and Access Management
From Everand
The Keycloak Handbook: Practical Techniques for Identity and Access Management
Robert Johnson
No ratings yet
Building Secure APIs with Express: Authentication and Authorization Best Practices for JavaScript Apps
From Everand
Building Secure APIs with Express: Authentication and Authorization Best Practices for JavaScript Apps
Aarav Joshi
No ratings yet
Force No
No ratings yet
Force No
1 page
Scomp Assignment
No ratings yet
Scomp Assignment
4 pages
subscriber modification form - s2 (1)
No ratings yet
subscriber modification form - s2 (1)
8 pages
Access Control Quick Reference Guide
No ratings yet
Access Control Quick Reference Guide
3 pages
Hons_AdmitCard_2024_2025_HONS_5145549
No ratings yet
Hons_AdmitCard_2024_2025_HONS_5145549
1 page
BODS Mock Opens 2024
No ratings yet
BODS Mock Opens 2024
39 pages
C Tpat
No ratings yet
C Tpat
4 pages
ITB Summer Course-Summary
No ratings yet
ITB Summer Course-Summary
2 pages
Advanced Education
No ratings yet
Advanced Education
6 pages
Internet Banking Application Form PDF
No ratings yet
Internet Banking Application Form PDF
3 pages
Blank KYC
No ratings yet
Blank KYC
2 pages
Joe Work Resume January 2010
No ratings yet
Joe Work Resume January 2010
2 pages
Consent Letter
No ratings yet
Consent Letter
1 page
01-Central de Deteção-Honeywell-Galaxy Dimension 96-Manual de Utilizador - en
No ratings yet
01-Central de Deteção-Honeywell-Galaxy Dimension 96-Manual de Utilizador - en
48 pages
ISO 27000 Series of Standards (27001, 27002, 27003, 27004, 27005)
100% (1)
ISO 27000 Series of Standards (27001, 27002, 27003, 27004, 27005)
94 pages
Biostar 1.92 Administrator Guide en
No ratings yet
Biostar 1.92 Administrator Guide en
315 pages
GRC 12
100% (1)
GRC 12
52 pages
ais
No ratings yet
ais
21 pages
Biometrics Deployment of Machine Readable Travel Documents 2004
No ratings yet
Biometrics Deployment of Machine Readable Travel Documents 2004
60 pages
C0001123183P-JoineeMastersheetIntern-638381400469476645
No ratings yet
C0001123183P-JoineeMastersheetIntern-638381400469476645
9 pages
Saudi Arabia Localisation User Guide (ODOO V10) Table of Content (PDFDrive)
No ratings yet
Saudi Arabia Localisation User Guide (ODOO V10) Table of Content (PDFDrive)
63 pages
Graphical Authentication System
No ratings yet
Graphical Authentication System
4 pages
Adobe Scan 02 Jan 2024
No ratings yet
Adobe Scan 02 Jan 2024
3 pages
Belco Door Access Control Manual Da3000
No ratings yet
Belco Door Access Control Manual Da3000
1 page
Keys For @destarasyah
No ratings yet
Keys For @destarasyah
2 pages
Stok Zkteco Ims Online 10092024
No ratings yet
Stok Zkteco Ims Online 10092024
14 pages
EMVCo A Guide To EMV-Presentation 20110512031135763
No ratings yet
EMVCo A Guide To EMV-Presentation 20110512031135763
39 pages
Comptia Security Sy0 501 Exam Objectives
No ratings yet
Comptia Security Sy0 501 Exam Objectives
20 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

SC-900 Resume - 3

Uploaded by

SC-900 Resume - 3

Uploaded by

SC-900 Module 2: Describe the Capabilities

of Microsoft Identity and Access

 Identity → A digital representation of a user, device, or app.

Identity Functions (Actions performed by identity systems)

 User Authentication → Ensures only authorized users access resources.

2.2 Describe Multi-Factor Authentication (MFA)

 MFA → Requires multiple authentication factors (e.g., password + SMS code).

2.3 Describe Password Protection and Management Capabilities

3. Access Management Capabilities

 SSO → One authentication grants access to multiple applications.

3.2 Describe Conditional Access

3.3 Describe Role-Based Access Control (RBAC)

 RBAC → Assigns permissions based on predefined roles (e.g., Admin, Reader).

3.4 Describe Workload Identities

 Workload Identities → Secure authentication for apps, services, and automation.

4. Identity Protection and Governance Capabilities

 Entra ID Protection → Detects risky sign-ins and compromised accounts.

4.2 Describe Privileged Identity Management (PIM)

 PIM → Provides temporary, just-in-time (JIT) admin access.

4.3 Describe Access Reviews

 Access Reviews → Periodically verify if users still need access.

4.4 Describe Identity Lifecycle Management

 Automates user provisioning based on roles and group memberships.

5. Microsoft Entra ID Capabilities

 Manages user identities and access to resources.

5.2 Microsoft Entra Permissions Management

 Monitors and controls permissions across multi-cloud environments (Azure, AWS,

5.3 Microsoft Entra Verified ID

 Issues verifiable digital credentials to confirm identities securely without storing

5.4 Microsoft Entra Workload ID

 Protects non-human identities (apps, services, automation).

Category What it Covers Examples

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.