SC-900

Authenticatie

Authorisatie

Identity provider

Federation

Microsoft Entra ID

Types of identities

Workload identities

Device Identities

Hybrid identity

External identities

Authentication methods

MFA

SSPR (Self-service password reset)

Microsoft Entra Password protection

Conditional Access

Global Secure Access

RBAC

ID Governacne

Identity lifecycle

Access lifecycle

Privileged Access

Access reviews

Entitlement management

PIM

Entra ID Protection

Asymmetrische encryptie

Symetrische encryptie

Azure DDoS protection

Network protection

IP Protection

Azure Firewall

Web application Firewall

Netwerk segmentation

Azure Network Security Groups

Azure Bastion (remote access)

Azure Key Vault

Microsoft Defender for Cloud

DevSecOps

CSPM (Cloud Security Posture Management)

Cloud Workload protection

Enhanced Security Features: Defender Plans

SIEM (Security Information and Event Management)

SOAR (security orchestration, automation and response)

Microsoft Sentinel

Detect threats

Investigate & respond

Microsoft Defender XDR services

Microsoft Purview

Service Trust Portal en privacy principes van Microsoft

Microsoft Priva

Data classification

  1. Sensitive Information type
  1. trainable classifiers (AI)

Content explorer & activity explorer

Sensitivity labels

Label policies

  1. Wie kan de labels zien?
  2. Default label
  3. Mandatory labelling
  4. Justification vereist

Data Loss Prevention (DLP)

Summary MS Learn

In this module, you explored foundational security and compliance concepts that underpin Microsoft security, compliance, and identity solutions.

You learned how the shared responsibility model divides security accountability between you and your cloud provider across on-premises, IaaS, PaaS, and SaaS environments—including AI workloads—and that you always retain responsibility for your data, identities, endpoints, and configuration choices.

You explored defense in depth as a layered security strategy and the CIA triad—confidentiality, integrity, and availability—as the goals that every security effort ultimately protects.

You learned about the Zero Trust model and its three guiding principles: verify explicitly, use least privileged access, and assume breach. You saw how these principles are applied across seven foundational pillars—identities, devices, applications, data, infrastructure, networks, and visibility/automation/orchestration—where the seventh pillar integrates signals from the other six to enable coordinated threat detection and response.

You covered encryption and hashing: symmetric and asymmetric encryption, digital signatures, protecting data at rest, in transit, and in use, key management, and how hashing with salting protects stored passwords.

Finally, you explored Governance, Risk, and Compliance (GRC) concepts—governance, risk management, and compliance—along with related data concepts: data residency, data sovereignty, and data privacy.

Now that you've completed this module, you should be able to: