It’s been just over six months since I passed the AZ-140 exam to earn the Microsoft Certified: Azure Virtual Desktop Specialty certification. During that time, I made the decision to have a deeper look at the Microsoft Security Stack in response to priority changes with some of the customers that I currently support. I chose the SC-900 Exam to gain foundational knowledge in the areas of Security, Compliance, and Identity.
Disclaimer: Microsoft reviews certifications regularly to help ensure that they remain relevant, technically accurate and that they assess the skills needed to thrive in a cloud-based world. Exams evolve over time and may change without notice. This post represents my best knowledge of the SC-900 exam as of Q3 2022, but you should always consult Microsoft’s Official SC-900 Exam Page for the contents of the exam.
What is the Security, Compliance, and Identity Fundamentals Certification?
The Security, Compliance, and Identity Fundamentals Exam is targeted at those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft Security, compliance, and identity solutions.
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft Security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
How Did I Prepare?
As an IT professional, security and compliance have been a part of my career from day one. I have never worked on a formal “security team”, but I am responsible for ensuring that the solutions I architect and deploy are done with security in mind.
Twenty years of IT experience has provided a working knowledge on the topic of security. I used this knowledge along with the resources outlined in the next section to prepare. I spent five days studying one hour a night for this exam.
What Resources Did I Use to Prepare?
I used the following resources to get ready:
- Microsoft Learn – Describe the concepts of security, compliance, and identity
- Microsoft Learn – Describe the capabilities of Microsoft Identity and access management solutions
- Microsoft Learn – Describe the capabilities of Microsoft security solutions
- Microsoft Learn – Describe the capabilities of Microsoft compliance solutions
- John Savill – SC-900 Microsoft Security, Compliance, and Identity Fundamentals Study Cram
The Microsoft Learn content along with John Savill’s Study Cram provided everything I needed to fully understand the content I would be tested on in the exam. If you’ve been working in IT for any amount of time, the above should also provide you with everything you need to pass.
My Challenge Area
While I cannot talk about exam specifics for obvious reasons, I do want to point out the area that I scored the lowest on:
Describe the Capabilities of Microsoft Compliance Solutions related questions make up 25-30%. According to my score report this is the area where I had the most difficulty. Most of the compliance servers in the Microsoft Stack are part of the Microsoft 365 service. I’ve never had any direct hands-on experience with these services, so this result is not surprising.
This was my twelfth exam taken remotely through PearsonVue due to COVID-19. As mentioned, I gave myself five days to prepare and study when I scheduled the exam.
This was my sixth exam since joining Microsoft. My “official” home office shed is finally underway, but still not ready to be occupied. Once again, I took the exam in our guest bedroom and did not have to take pictures down, remove paperwork, disable technology, etc. The exam launched and I spent the next 40 minutes working through questions. I finished 20 minutes early.
Immediately after the test, I received my detailed score breakdown in various areas and was told that I passed. An e-mail showed up no more than an hour later with details on getting my certificate, claiming it on Credly, sharing it on LinkedIn, etc.
The Microsoft Security, Compliance, and Identity Fundamentals exam was a good exam to test my baseline understanding of the services that make up the Microsoft Security Stack. No direct hands-on experience is needed with any of the services but would provide some help. Make sure you know and understand the specific features and functionality of the services.
I always enjoy taking the fundamentals exams as I don’t feel they require much preparation. I am interested in having a look at the Microsoft Certified: Cybersecurity Architect (SC-100) exam, but I know that this one will require substantial for study (especially hands-on time).
If you made it this far thanks for reaching. If you find these posts helpful, please let me know in the comments below or find me on Twitter.