You are currently viewing Understanding Microsoft Newly Introduced Security Certifications

Understanding Microsoft Newly Introduced Security Certifications

Table of Content
Introduction
IMPORTANT About beta exams
Microsoft Announcement Video
SC-900 : Microsoft Security, Compliance, and Identity Fundamentals (beta)
SC-200: Microsoft Security Operations Analyst (beta)
SC-300: Microsoft Identity and Access Administrator(beta)
SC-400: Microsoft Information Protection Administrator(beta)
Preparation and Resources
Other Security Certs
Conclusion

Introduction

Security is everyone’s responsibility and we are all in this together. It’s also a well-established fact that Humans are the weakest link in cybersecurity. No matter how strong your Intrusion Detection/Prevention System (IDS/IPS), Firewalls, encryption systems, or endpoint-protection systems are, YOU are the weakest link! We are into the second era of digital transformation where the ZERO TRUST model is widely getting accepted by organizations in order to ensure secure infrastructure. Every human element, be it security guard, technical/non-technical folks to the CEO of a company can be a target for attackers in one way or another.  Spreading awareness, Educating, and Training properly to every human link has become one the most crucial aspects of achieving cybersecurity assurance.

Keeping these things in mind Microsoft announced four new security certifications (beta) exams in #MSIgnite this year. It’s not that Microsoft did not have security certifications from before, but this time they are bringing Role-based security certifications which will fit as per your role in the organization. It is also valuable to choose and get yourself trained with these certifications based on where you are in your cybersecurity journey.

Microsoft is one of the biggest providers of software tools and services for the longest time, now I can say with confidence that Microsoft is one of the leading security companies as well; five years ago, this was not the case. I am really happy to see how Microsoft is coming big in this domain, by bringing various core security tools, services, and multiples security certifications exams.

Read along to know more about all four exams and a list of all free resources where you can get started –

IMPORTANT
About Beta Exams

These exams are in a beta state which means you will get the result of the exams when they are live.  You can also get around 80% discount by applying a discount code. Beta codes are not applicable for countries like Turkey, Pakistan, India, and China. 

Watch the course announcement video

1. SC-900 : Microsoft Security, Compliance, and Identity Fundamentals

About the certification – This certification is targeted at candidates looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. 900 series of exams are fundamental level exams.  Microsoft has already many fundamental certifications exams for other domains such as AZ – 900 – Azure Fundamentals, MS 900 – Microsoft 365 Fundamentals, PL-900 Power Platform Fundamentals, AI – 900 Azure AI Fundamentals. DP-900 – Azure Data Fundamentals, MB-900 Microsoft Dynamics 365  Fundamentals. 

Audience – This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.

Prerequisite – Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.

Skills measured

  • Describe the concepts of security, compliance, and identity.

  • Describe the capabilities of Microsoft identity and access management solutions (25-30%)

  • Describe the capabilities of Microsoft security solutions (30-35%)

  • Describe the capabilities of Microsoft compliance solutions (25-30%)

Download thedetailed  exam skills outline directly from Microsoft  official page

2. SC-200: Microsoft Security Operations Analyst

About the certification – This course is designed for SOC analyst who works using threat management, monitoring, and other SIEM tools in order reduce organizational security risk by communicating with different stakeholders. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. This exam measures your ability to perform technical tasks such as mitigating threats using Microsft 365 defender, Azure Defender, and Azure Sentinel.

Audience – SOC Analysts, Security Researchers, and Service Desk technical folks wanting to make a career in the cybersecurity domain but not limited to these.

Prerequisite – There are no prerequisite exams/ certifications for SC-200 however candidates having fundamentally strong on contents of AZ-900 – Azure Fundamentals, MS-900 Microsoft 365 Fundamentals, and SC-900 – Security Fundamentals will thrive quickly.

Skill Measured

  • Mitigate threats using Microsoft 365 Defender (25-30%)

  • Mitigate threats using Azure Defender (25-30%)

  • Mitigate threats using Azure Sentinel (40-45%)

Download detailed exam skills outline

 

3. SC-300: Microsoft Identity and Access Administrator

About the certification – Identity is one of the most crucial parts of ZERO Trust Architecture This exam ensures that you have the right skills to design, implement, and operate organizations’ IAM systems using Aure AD. It also ensures that you manage Authorizations and Authentications for enterprise. 

Audience – IAM Administrators for hybrid infrastructure, but ofcourse not limited to those only.

Prerequisite – There are no prerequisite exams for for SC-300 however candidates with good understanding of how hybrid infrastructure works.

Skill Measured

  • Implement an identity management solution (25-30%)

  • Implement an authentication and access management solution (25-30%)

  • Implement access management for apps (10-15%)

  • Plan and implement an identity governance strategy (25-30%)

Download detailed exam skills outline

4. SC-400: Microsoft Information Protection Administrator

About the certification – All the security practices we do is eventually to secure the data/information of an enterprise. SC-400 measures your ability to accomplish the technical tasks of implementing information protection; data loss prevention(DLP); and information governance.

Audience – Anyone who is working with different stakeholders to put policies in place in order to protect information around cloud-native or hybrid infrastructure.

Prerequisite – No prerequisites but technical folks having experience in policy making, governance, or fundamentals of cybersecurity will have easy to grasp. 

Skill Measured

  • Implement information protection (35-40%)

  • Implement data loss prevention (30-35%)

  • Implement information governance (25-30%)

Download detailed exam skills outline

Preparation and Resources

Exam/Certification Name

SC-900: Microsoft Security, Compliance, and Identity Fundamentals

SC-200: Microsoft Security Operations Analyst

SC-300: Microsoft Identity and Access Administrator

SC-400: Microsoft Information Protection Administrator

Other Security Certs from Microsoft

Microsoft has already other security exams which are most likely remain unchanged as the newly announced certifications exams are specific role-based.  It will be out of scope of this article to go in detail of these exams. Click on the link below to know the details about these courses from Microsoft official page.

Exam AZ-500: Microsoft Azure Security Technologies

Exam MS-500: Microsoft 365 Security Administration

Exam MS-101: Microsoft 365 Mobility and Security

Conclusion

Security is changing every moment because of the continuous making and breaking by people wearing different HATS.  The only way to thrive in this domain to be as dynamic as the field of cybersecurity is. ‘LEARN, APPLY, and REPEAT’ is the key. I wish you great success in achieving a new high every day. Let’s learn technology and apply it to the real world to make it a better place for us as well as for upcoming generations! 🙂

Please follow and like us:

Qamar Nomani

Hello, I'm Qamar, I'm a cybersecurity architect and Microsoft Certified Trainer (MCT) working for an MNC, India. I spend my evening time writing articles about tech, productivity, & entrepreneurship, recording podcast "The Qamar Nomani Show" and making YouTube videos.

Leave a Reply