Académique Documents
Professionnel Documents
Culture Documents
Security,
Compliance, and
Identity
Fundamentals
Solutions de sécurité
Microsoft 365
Agenda
Introduction
https://aka.ms/sc900academy
Introduction
L’examen SC-900
Microsoft Security, Compliance, and Identity Fundamentals
60 minutes, ~50 questions très générales
Version actuelle de l’examen : 07 février 2023 (anglaise)
Sujets :
Describe the concepts of security, compliance, and identity (10-15%)
Describe the capabilities of Microsoft identity and access management solutions (25-30%)
Describe the capabilities of Microsoft Security solutions (25-30%)
Describe the capabilities of Microsoft compliance solutions (25-30%)
Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals - Learn | Microsoft Docs
Describe the capabilities of Microsoft Security
solutions (25-30%)
Learning path: Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals - Learn | Microsoft Docs
Politiques adaptatives fondées sur les
Sécurisation des accès risques
Gestion des identités et des accès Expérience transparente pour tout
dans votre environnement utilisateur
Gestion unifiée des identités et accès
• Simplification du cycle de vie
Microsoft Defender
XDR
Cross-domain protection
Microsoft Defender
XDR
Microsoft 365 best of breed security products
Formerly Azure Advanced Formerly Microsoft Defender Formerly Microsoft Office 365
Threat Protection Advanced Threat Protection Advanced Threat Protection
Formerly Azure Advanced Formerly Microsoft Defender Formerly Microsoft Office 365
Threat Protection Advanced Threat Protection Advanced Threat Protection
HP Enterprise
Endpoints and servers Mobile device OS Virtual desktops Network devices
Microsoft Defender
for Endpoint
Built-in. Cloud-powered.
THREAT & VULNERABILITY ATTACK SURFACE NEXT GENERATION ENDPOINT DETECTION AUTO INVESTIGATION MICROSOFT
MANAGEMENT REDUCTION PROTECTION & RESPONSE & REMEDIATION THREAT EXPERTS
Cross platform and enterprise grade Preview as a standalone Standalone offering will Supports multi-customer
protection with next-gen protection, offering and generally serve non-Microsoft viewing of security incidents
endpoint detection and response, and available as part of 365 customers. No with Microsoft 365 Lighthouse
threat and vulnerability management Microsoft 365 Business licensing prerequisites for partners
Premium
1
Optimized for SMB. 2 Additional capabilities planned 3, iOS, and Android requires Microsoft Endpoint Manager. Please see Documentation for more detail.
Microsoft 365 Defender – Portal Demo
Ressources
Les ressources
Acronyms: https://aka.ms/MSAcronyms
Vérifier explicitement
Supposer une violation
Accès base sur les rôles
Sécurité du périmètre
Parmi ces propositions, quels sont 2 principes d’un
modèle Zero Trust ?
Vérifier explicitement
Supposer une violation
Accès base sur les rôles
Sécurité du périmètre
Sélectionnez la réponse pour compléter la phrase :
« ________ est le nouveau périmètre de sécurité »
Pare-feu
Identité
Réseau
Azure Active Directory
Sélectionnez la réponse pour compléter la phrase :
« ________ est le nouveau périmètre de sécurité »
Pare-feu
Identité
Réseau
Azure Active Directory
Defend across attack chains
Insider and external threats December 2021 – https://aka.ms/MCRA
Defender for Defender for IoT (& OT) Azure AD Defender for
Office 365 Identity Protection Cloud Apps
IoT Device Disrupt OT
Phishing Open Exploitation Environment Exfiltration
Brute force account Attacker
mail attachment accesses of data
or use stolen account
credentials sensitive data
Defender for Endpoint
Attacker collects Domain
Click a URL
Exploitation Command Defender for reconnaissance & compromised
and Installation and Control User account is
Identity compromised configuration data
Browse
a website Microsoft Defender Attacker attempts
for Cloud lateral movement
Privileged account
compromised
Disgruntled or disenchanted
Potential
Subject to stressors Insider has access Anomalous
sabotage
to sensitive data activity detected