Describe security and compliance concepts

Learn about common security and compliance concepts that are foundational to Microsoft solutions. Topics include the shared responsibility and Zero Trust models, encryption, data residency and data sovereignty, and more.

• Describe the shared responsibility model
• Describe defense in depth
• Describe the Zero Trust model
• Describe encryption and hashing
• Describe governance, risk, and compliance (GRC) concepts

Describe identity concepts

Learn about the key concepts of authentication and authorization and why identity is important in securing corporate resources. You'll also learn about some identity-related services.

• Define authentication and authorization
• Define identity as the primary security perimeter
• Describe the role of the identity provider
• Describe the concept of directory services and Active Directory
• Describe the concept of federation

Describe the function and identity types of Microsoft Entra ID

Microsoft Entra ID is Microsoft’s cloud-based identity and access management solution that connects people to their apps, devices, and data. Learn about the functions and identity types supported by Microsoft Entra ID.

• Describe Microsoft Entra ID
• Describe types of identities
• Describe hybrid identity
• Describe external identities

Describe the authentication capabilities of Microsoft Entra ID

Learn about the authentication capabilities of Microsoft Entra ID, including multifactor authentication, and how they improve security. You'll also learn about self-service password reset (SSPR) and the password protection and management capabilities.

• Describe authentication methods
• Describe multifactor authentication
• Describe self-service password reset
• Describe password protection and management capabilities

Describe access management capabilities of Microsoft Entra

A key function of Microsoft Entra is to manage access. Learn about Microsoft's Security Service Edge (SSE) solution, conditional access, and how Microsoft Entra roles and role-based access control (RBAC) help organizations manage access.

• Describe Conditional Access
• Describe Global Secure Access in Microsoft Entra
• Describe Microsoft Entra roles and role-based access control (RBAC)

Describe the identity protection and governance capabilities of Microsoft Entra

Microsoft Entra provides identity protection and governance capabilities. Learn about these capabilities, the use cases, and benefits.

• Describe Microsoft Entra ID Governance
• Describe access reviews
• Describe entitlement management
• Describe the capabilities of Privileged identity Management
• Describe Microsoft Entra ID Protection
• Describe Microsoft Entra Verified ID
• Describe Microsoft Entra integration with Microsoft Security Copilot

Describe Microsoft Security Copilot

Get acquainted with Microsoft Security Copilot. You're introduced to some basic terminology, how Microsoft Security Copilot processes prompts, the elements of an effective prompt, and how to enable the solution.

• Get acquainted with Microsoft Security Copilot
• Describe Microsoft Security Copilot terminology
• Describe how Microsoft Security Copilot processes prompt requests
• Describe the elements of an effective prompt
• Describe how to enable Microsoft Security Copilot

Describe core infrastructure security services in Azure

Learn about capabilities Azure supports to protect your network, VMs, and your data.

• Describe Azure DDoS protection
• Describe Azure Firewall
• Describe Web Application Firewall
• Describe network segmentation in Azure
• Describe Azure Network Security Groups
• Describe Azure Bastion
• Describe Azure Key Vault

Describe the security management capabilities in Azure

Learn about Microsoft Defender for Cloud and the capabilities it brings together to protect your cloud through secure score, recommendations, and enhanced features that provide cloud workload protection.

• Describe Microsoft Defender for Cloud
• Describe how security policies and initiatives improve cloud security posture
• Describe Cloud security posture management
• Describe the enhanced security of Microsoft Defender for Cloud
• Describe DevOps security management

Describe security capabilities of Microsoft Sentinel

Learn about Microsoft Sentinel a scalable, cloud-native, security information event management (SIEM), and security orchestration automated response (SOAR) solution. In this module, you’ll also be introduced to Microsoft Security Copilot.

• Define the concepts of SIEM and SOAR
• Describe threat detection and mitigation capabilities in Microsoft Sentinel
• Describe Microsoft Sentinel integration with Microsoft Security Copilot

Describe threat protection with Microsoft Defender XDR

Protect against cyber threats with Microsoft Defender XDR across endpoints, identities, email, and applications.

• Describe Microsoft Defender XDR services
• Describe Microsoft Defender for Office 365
• Describe Microsoft Defender for Endpoint
• Describe Microsoft Defender for Cloud Apps
• Describe Microsoft Defender for Identity
• Describe Microsoft Defender Vulnerability Management
• Describe Microsoft Defender Threat Intelligence
• Describe the Microsoft Defender portal
• Describe Copilot integration with Microsoft Defender XDR

Describe Microsoft’s Service Trust portal and privacy capabilities

Microsoft runs on trust! Here you’ll explore the Service Trust Portal for content on how Microsoft delivers on our commitment of trust. You’ll also learn about Microsoft Priva, a solution to help meet privacy goals.

• Describe the offerings of the Service Trust portal
• Describe Microsoft's privacy principles
• Describe Microsoft Priva
• Describe the data security solutions of Microsoft Purview
• Describe the data classification capabilities of Microsoft Purview Information Protection
• Describe sensitivity labels and policies in Microsoft Purview Information Protection
• Describe data loss prevention in Microsoft Purview
• Describe insider risk management in Microsoft Purview
• Describe adaptive protection in Microsoft Purview

Describe the data compliance solutions of Microsoft Purview

Learn how Microsoft Purview data compliance solutions help organizations manage risk and regulatory requirements.

• Describe audit in Microsoft Purview
• Describe eDiscovery
• Describe Compliance Manager
• Describe Communication Compliance
• Describe Data Lifecycle Management
• Describe Records Management

Describe the data governance solutions of Microsoft Purview

Learn about Microsoft Purview data governance solutions that leverage AI and modern technologies to ensure data quality, security, and compliance while also accelerating value creation.

• Describe the concepts and benefits of data governance
• Describe Microsoft Purview Data Catalog