SC-900: MS Security, Compliance, and Identity

---

This fundamental-level course introduces learners to Microsoft’s comprehensive approach to security, compliance, and identity (SCI) across cloud-based and hybrid environments. It provides foundational knowledge of core SCI principles and Microsoft services, helping learners understand how Microsoft solutions support organizational security and regulatory compliance.

By the end of this course, learners will be familiar with basic SCI concepts, Microsoft Entra ID (formerly Azure Active Directory), Microsoft Defender, compliance management in Microsoft Purview, and how Microsoft security solutions provide end-to-end threat protection and governance. This course is an excellent starting point for individuals pursuing a career in security or preparing for the Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) certification.

• Define common security principles (e.g., Zero Trust, defense in depth)
• Explain the shared responsibility model in Microsoft Cloud
• Understand identity concepts and their role in securing environments
• Describe compliance terms and the importance of regulatory standards

• Understand the role of Microsoft Entra ID in identity and access management
• Explore core identity services: SSO, MFA, Conditional Access, identity protection
• Explain the purpose and use of Microsoft Entra roles and access reviews
• Introduce concepts like external identities and B2B collaboration

• Identify Microsoft Defender products: Defender for Endpoint, Cloud, Identit 
• Understand Microsoft Sentinel as a SIEM/SOAR solution
• Explore Microsoft Secure Score and threat protection capabilities
• Describe Microsoft Purview’s role in compliance and data loss prevention

• Understand compliance management using Microsoft Purview Compliance Manager
• Explain data classification and sensitivity labels
• Describe Insider Risk Management and eDiscovery tools
• Understand compliance score, auditing, and retention policies
   

This course is ideal for:

• Business stakeholders, compliance officers, and IT professionals interested in Microsoft’s SCI solutions
• Individuals beginning a career in cybersecurity or compliance
• Technical decision-makers exploring Microsoft’s capabilities in cloud security and compliance
• Anyone preparing for the SC-900 certification as a foundational step toward more advanced roles in the Microsoft security ecosystem
   

• General understanding of IT services and cloud concepts (e.g., IaaS, PaaS, SaaS)
• Basic familiarity with Microsoft 365 and Azure (helpful but not required)
• No hands-on technical experience is necessary—this course is designed for beginners

 This intermediate-level course provides learners with a deep dive into securing Microsoft Azure environments. It equips learners with practical knowledge on managing identity and access, securing platforms and workloads, implementing advanced security operations, and managing data protection strategies.
By the end of the course, learners will understand how to secure Azure resources, configure security policies, monitor threats, and respond to security incidents using Microsoft security technologies. This training prepares learners for real-world cloud security roles and for earning the Microsoft Certified: Azure Security Engineer Associate certification. .

Module 1 – Manage Identity and Access

• Configure Microsoft Entra ID (formerly Azure Active Directory) for workloads
• Manage secure access with Conditional Access, Multi-Factor Authentication (MFA)
• Implement Privileged Identity Management (PIM) and access reviews

Module 2 – Secure Azure Platform Protection

• Configure security settings for Azure compute, storage, and networking
• Implement host security, network security groups (NSGs), and Azure Firewall
• Secure container services and implement key vault security

Module 3 – Manage Security Operations

• Configure Azure Monitor and Microsoft Sentinel for security monitoring
• Analyze security alerts and detect threats
• Automate responses to security incidents

Module 4 – Secure Data and Applications

• Implement encryption for data at rest a in transit
• Configure application security with managed identities and security best practices
• Implement Azure Policies for security compliance and governance
   

 This course is ideal for Azure administrators, security engineers, cloud architects, and IT professionals who are responsible for securing cloud-based solutions and managing identity, access, and protection in Azure environments.
It’s also perfect for anyone preparing for the Microsoft Certified: Azure Security Engineer Associate (AZ-500) exam and building advanced cloud security skills.
 

• Experience with Windows Server administration 
• Familiarity with core networking, virtualization, and identity services
• Basic knowledge of Azure services is helpful but not required

T This intermediate-level course prepares learners to manage Microsoft 365 security and compliance solutions. It equips learners with essential skills to implement identity and access management, protect information, manage compliance requirements, and defend against security threats across Microsoft 365 services.
By the end of the course, learners will be able to implement and manage security strategies, monitor secure environments, and ensure regulatory compliance within Microsoft 365. This training helps learners advance their cloud security expertise and prepares them for the Microsoft Certified: Security Administrator Associate certification. 

Module 1 – Implement and Manage Identity and Access

• Configure Microsoft Entra ID (formerly Azure Active Directory) for identity management
• Implement Conditional Access and identity protection
• Manage role-based access control (RBAC) and privilege access

Module 2 – Implement and Manage Threat Protection

• Plan and configure Microsoft Defender for Endpoint, Office 365, and Identity
• Monitor security reports and alerts
• Investigate and respond to threats using Microsoft 365 Defender

Module 3 – Implement and Manage Information Protection

• Configure Microsoft Purview Information Protection solution
• Implement data loss prevention (DLP) policies
• Manage and monitor information protection reports

Module 4 – Implement and Manage Compliance and Governance

• Plan and implement Microsoft Purview compliance solutions
• Configure Insider Risk Management and communication compliance
• Manage audit logs, eDiscovery, and compliance report site failover
• Design alerting and diagnostics strategies
   

This course is ideal for Microsoft 365 administrators, security administrators, compliance managers, and IT professionals who are responsible for managing and securing Microsoft 365 environments.
It’s also perfect for anyone preparing for the Microsoft Certified: Security Administrator Associate (MS-500) exam and looking to build expertise in Microsoft 365 security and compliance.
 

• Basic understanding of Microsoft 365 services and security concepts
• Familiarity with identity concepts, authentication, and cloud fundamentals is recommended

This advanced-level course focuses on designing and evolving cybersecurity strategies using Microsoft security technologies. It equips learners with expert skills to design Zero Trust strategies, evaluate security compliance requirements, and architect security solutions across Microsoft cloud, hybrid, and multi-cloud environments.
By the end of the course, learners will be able to design comprehensive security solutions that align with business needs, mitigate threats effectively, and ensure regulatory compliance. This training prepares learners for the Microsoft Certified: Cybersecurity Architect Expert certification and high-level security leadership roles. 

Module 1 – Design a Zero Trust Strategy and Architecture

• Design identity and access management strategies
• Plan security for data, applications, and networks
• Build a Zero Trust strategy using Microsoft technologies

Module 2 – Evaluate Governance, Risk, and Compliance (GRC) Technical Strategies

• Interpret compliance requirements
• Design solutions to meet regulatory obligations
• Implement risk management frameworks and processes

Module 3 – Design Security Solutions for Infrastructure

• Design security solutions for hybrid and multi-cloud environments
• Protect endpoints, networks, and servers using Microsoft Defender solutions
• Plan secure management of workloads in Azure and beyond

Module 4 – Design Security Operations Strategies

• Develop threat protection strategies with Microsoft Sentinel
• Plan security monitoring, incident response, and recovery solutions
• Integrate security operations across hybrid environments

This course is ideal for experienced security engineers, cybersecurity architects, cloud architects, and senior IT professionals who are responsible for planning and designing security strategies for enterprise-level organizations.
It’s especially targeted at those preparing for the Microsoft Certified: Cybersecurity Architect Expert (SC-100) exam and aiming to lead cybersecurity initiatives at a strategic level.

• Extensive experience with Microsoft security, compliance, and identity solution
• Recommended prerequisite certifications: at least one Microsoft Associate-level security certification (such as SC-200, SC-300, AZ-500, or MS-500)

 This intermediate-level course trains learners to detect, investigate, respond to, and remediate cybersecurity threats using Microsoft security technologies. It equips learners with hands-on skills across Microsoft Sentinel, Microsoft 365 Defender, Defender for Cloud, and Defender for Endpoint.
By the end of the course, learners will be able to mitigate threats, manage incidents, perform threat hunting activities, and protect cloud and on-premises environments using Microsoft security solutions. This training prepares learners for the Microsoft Certified: Security Operations Analyst Associate certification and practical roles in Security Operations Centers (SOC). 

Module 1 – Mitigate Threats Using Microsoft 365 Defender

• Protect identities, endpoints, and cloud apps
• Investigate incidents and perform advanced hunting
• Respond to threats across Microsoft 365 workloads

Module 2 – Mitigate Threats Using Microsoft Sentinel

• Configure Microsoft Sentinel and connect data sources
• Detect, investigate, and respond to threats using Sentinel
• Create analytics rules, workbooks, and automation playbooks

Module 3 – Mitigate Threats Using Microsoft Defender for Cloud

• Secure Azure, hybrid, and multi-cloud workloads
• Implement recommendations to strengthen cloud security posture
• Manage threat protection for infrastructure and platform services

Module 4 – Mitigate Threats Using Microsoft Defender for Endpoint

• Protect, detect, and respond to endpoint threats
• Investigate incidents using Microsoft Defender for Endpoint tools
• Implement device compliance and attack surface reduction policies
   

This course is ideal for security analysts, SOC analysts, incident responders, and IT professionals who are responsible for monitoring, detecting, investigating, and responding to cybersecurity threats in cloud and hybrid environments.
It’s also perfect for those preparing for the Microsoft Certified: Security Operations Analyst Associate (SC-200) exam and looking to specialize in threat detection and response.
 

• Basic understanding of Microsoft 365 and Azure services
• Familiarity with security concepts such as SIEM, SOAR, incident response, and threat protection is recommended

 This intermediate-level course focuses on managing identity and access in Microsoft environments using Microsoft Entra ID (formerly Azure Active Directory). It equips learners with the skills to design, implement, and operate identity and access management solutions, including secure authentication, access policies, identity governance, and hybrid identity solutions.
By the end of the course, learners will be able to manage identities and access for users, devices, and applications, both in the cloud and on-premises. This training prepares learners for the Microsoft Certified: Identity and Access Administrator Associate certification and real-world identity management roles. 

Module 1 – Implement an Identity Management Solution

• Configure Microsoft Entra ID tenant settings
• Manage users and groups, including dynamic groups
• Implement and manage hybrid identity with Microsoft Entra Connect

Module 2 – Implement an Authentication and Access Management Solution

• Plan and deploy authentication solutions including passwordless and multi-factor authentication (MFA)
• Configure conditional access policies
• Manage external identities and B2B collaboration

Module 3 – Implement Access Management for Applications

• Register applications with Microsoft Entra ID
• Configure application permissions and consent policies
• Manage enterprise applications and single sign-on (SSO) settings

Module 4 – Plan and Implement Identity Governance

• Implement access reviews and entitlement management
• Configure Privileged Identity Management (PIM)
• Monitor and maintain identity governance solutions
   

 This course is ideal for identity administrators, security administrators, cloud administrators, and IT professionals responsible for managing identity and access solutions.
It’s also perfect for anyone preparing for the Microsoft Certified: Identity and Access Administrator Associate (SC-300) exam and looking to build deep skills in identity governance.
 

• Basic understanding of Microsoft Azure and Microsoft 365
• Familiarity with identity concepts, authentication methods, and access management is recommended

This intermediate-level course focuses on implementing information protection, data loss prevention, and data governance in Microsoft 365 environments using Microsoft Purview solutions. It equips learners with the skills to protect sensitive data, manage compliance requirements, and respond to regulatory obligations effectively.
By the end of the course, learners will be able to classify and protect information, prevent data loss, manage insider risks, and perform compliance tasks using Microsoft Purview solutions. This training prepares learners for the Microsoft Certified: Information Protection and Compliance Administrator Associate certification and real-world roles in data protection and compliance management. 

Module 1 – Implement Information Protection in Microsoft Purview

• Classify and protect sensitive information
• Implement sensitivity labels, encryption, and content marking
• Manage data classification and monitor protected content

Module 2 – Implement Data Loss Prevention (DLP)

• Configure DLP policies for Microsoft 365 services
• Monitor, report, and remediate DLP violations
• Protect data in Teams, SharePoint, OneDrive, and Exchange

Module 3 – Implement Information Governance and Records Management

• Configure retention labels and policies
• Manage records in Microsoft Purview
• Monitor and audit compliance-related activities

Module 4 – Manage Insider Risk Management, eDiscovery, and Audit

• Implement Insider Risk Management and communication compliance
• Configure and manage Microsoft Purview eDiscovery solutions
• Conduct investigations and manage audit logs 

This course is ideal for compliance officers, information protection administrators, risk practitioners, and IT professionals who are responsible for implementing compliance and information protection solutions within Microsoft 365.
It’s also perfect for those preparing for the Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400) exam and aiming to specialize in governance, risk, and compliance (GRC).
 

• Basic understanding of Microsoft 365 services
• Familiarity with data protection concepts and compliance requirements is recommended

This foundational-level course provides comprehensive coverage of cybersecurity principles, best practices, and technologies needed to protect systems and data. Focused on preparing learners for the CompTIA Security+ (SY0-701) certification, the course equips students with the knowledge and skills to identify, assess, and mitigate security risks in diverse environments.

By the end of the course, learners will understand core cybersecurity concepts, implement secure network solutions, manage risk, and respond to security incidents effectively. This training prepares students for both the Security+ certification exam and entry-level to intermediate roles in cybersecurity operations, network security, and risk management.

Module 1 – Threats, Attacks, and Vulnerabilities

• Identify various types of threats and attacks
• Analyze indicators of compromise
• Perform penetration testing and vulnerability scanning

Module 2 – Architecture and Design

• Secure network architecture and design principles
• Implement secure cloud and virtualization solutions
• Apply resilience and physical security strategies

Module 3 – Implementation

• Install and configure secure network protocols
• Implement wireless security settings
• Deploy identity and access management (IAM) solutions, including AAA services

Module 4 – Operations and Incident Response

• Utilize security assessment and testing tools
• Understand incident response processes
• Apply digital forensics techniques

Module 5 – Governance, Risk, and Compliance

• Understand risk management processes
• Comply with security regulations, standards, and frameworks
• Apply security policies and procedures
   

This course is ideal for cybersecurity analysts, network administrators, security consultants, and IT professionals seeking to build or validate foundational security skills.
It’s also perfect for anyone preparing for the CompTIA Security+ (SY0-701) exam and aiming for a career in cybersecurity.
 

Basic understanding of computer networks, operating systems, and IT fundamentals is recommended.
Familiarity with basic security concepts is helpful but not required. 

 This associate-level course focuses on securing Cisco networks and understanding core security concepts needed to protect network devices and data. It equips learners with the skills to develop a security infrastructure, recognize threats and vulnerabilities, and implement effective security controls.
By the end of the course, learners will understand security fundamentals, secure Cisco routers and switches, manage network access, implement VPNs, and protect network operations against cybersecurity threats. This training prepares learners for Cisco’s CCNA Security certification (which has now evolved into the broader CCNA with security topics integrated). 

 Module 1 – Security Concepts

• Understand threats, vulnerabilities, and exploit 
• Explain security terms and principles
• Describe cryptography fundamentals

Module 2 – Secure Access

• Configure AAA (Authentication, Authorization, and Accounting) on Cisco devices
• Implement secure management access using SSH and SNMPv3
• Use ACLs (Access Control Lists) for traffic filtering

Module 3 – VPNs and Secure Communications

• Configure site-to-site VPNs using IPsec
• Implement remote access VPNs
• Understand SSL/TLS basics for secure web communication

Module 4 – Secure Network Devices

• Harden Cisco routers and switches
• Implement device security policies
• Secure administrative access and network management

Module 5 – Firewall, IDS, and IPS Concepts

• Understand Cisco firewall technologies (ASA, Firepower)
• Deploy basic intrusion detection and prevention systems (IDS/IPS)
• Monitor and manage security appliances

Module 6 – Security Monitoring and Incident Response

• Implement basic network monitoring with Syslog and SNMP
• Understand SIEM (Security Information and Event Management) basics
• Respond to security incidents and threats
   

 This course is ideal for network administrators, security support engineers, and IT professionals seeking to build foundational network security skills and protect Cisco networks.
It’s also perfect for anyone preparing for Cisco's security-focused associate certifications, and those aiming to advance toward cybersecurity roles like Security Engineer or Network Security Specialist. 

• Basic understanding of networking concepts (recommended CCNA-level knowledge)
• Familiarity with Cisco routing and switching environments is helpful

The AWS Certified Solutions Architect – Associate course provides comprehensive training in designing, deploying, and managing secure, scalable, and highly available applications on the Amazon Web Services (AWS) platform. This hands-on course builds your practical cloud architecture skills and prepares you for the AWS Certified Solutions Architect – Associate (SAA-C03) exam.
Whether you are new to AWS or have some experience, this course will help you confidently design cloud-based solutions that meet business and technical requirements. 

Module 1 – Introduction to AWS and Cloud Fundamentals

• Core AWS services and global infrastructure
• AWS shared responsibility model and best practices
• Overview of architectural design principles

Module 2 – Design Resilient Architectures

• Designing multi-tier applications with high availability
• Implementing elastic load balancing and auto-scaling
• Using AWS services for fault tolerance and disaster recovery

Module 3 – Design High-Performing Architectures

• Selecting appropriate compute, storage, and database services
• Optimizing architectures for performance and cost
• Using caching and content delivery strategies

Module 4 – Design Secure Applications and Architectures

• Designing secure access to AWS resources
• Implementing identity, authentication, and authorization with IAM
• Data protection strategies using encryption and key management

Module 5 – Design Cost-Optimized Architectures

• Designing for cost-efficiency using pricing models and calculators
• Right-sizing services for workloads
• Implementing billing and cost monitoring tools

This course is ideal for:

• Aspiring cloud architects and solution designers
• Systems administrators and IT professionals transitioning to cloud roles
• Anyone preparing for the AWS Certified Solutions Architect – Associate (SAA-C03) exam
   

• Aspiring cloud architects and solution designers
• Systems administrators and IT professionals transitioning to cloud roles
• Anyone preparing for the AWS Certified Solutions Architect – Associate (SAA-C03) exam

 The CCSP (Certified Cloud Security Professional) course provides advanced training in cloud security architecture, governance, risk management, and compliance. Developed by (ISC)², this course equips learners with the knowledge and skills needed to design, manage, and secure data, applications, and infrastructure in the cloud.
By the end of the course, learners will be able to apply security principles to cloud environments, manage cloud risks, and ensure regulatory compliance across multiple cloud platforms. This training prepares candidates for the CCSP certification exam and high-level roles in cloud security and enterprise cybersecurity leadership. 

Module 1 – Cloud Concepts, Architecture, and Design

• Cloud computing definitions, principles, and deployment models
• Cloud reference architectures and design principles
• Evaluating cloud service providers and cloud solution planning

Module 2 – Cloud Data Security

• Cloud data life cycle management
• Designing and implementing cloud data storage architectures
• Applying encryption and key management solutions in cloud environments

Module 3 – Cloud Platform and Infrastructure Security

• Securing cloud infrastructure components (compute, networking, storage)
• Designing and implementing secure cloud environments
• Disaster recovery and business continuity planning in the cloud

Module 4 – Cloud Application Security

• Secure software development life cycle (SDLC) in the cloud
• Identifying and remediating cloud application vulnerabilities
• Managing application security testing and validation

Module 5 – Cloud Security Operations

• Managing physical and logical cloud infrastructure for security
• Implementing monitoring, incident response, and forensics in the cloud
• Managing change control, patching, and vulnerability management

Module 6 – Legal, Risk, and Compliance

• Understanding legal and regulatory issues unique to cloud computing
• Risk management frameworks and methodologies
• Managing compliance audits and contractual obligations in cloud environments
   

This course is ideal for:

• Experienced IT professionals, security architects, and enterprise security practitioners
• Cloud architects, security consultants, and engineers managing cloud security strategies
• Anyone preparing for the (ISC)² CCSP certification exam
   

• Strong understanding of cybersecurity and IT networking fundamentals
• Recommended experience: at least 5 years in IT (3 years in information security, 1 year in cloud security)

 The CISSP (Certified Information Systems Security Professional) course provides advanced training in designing, engineering, and managing the overall security posture of an organization. Developed by (ISC)², this globally recognized course equips learners with comprehensive knowledge across eight domains of information security, helping them build and lead robust cybersecurity programs.
By the end of the course, learners will be able to design and implement secure business environments, manage risk, lead security teams, and comply with legal and regulatory requirements. This training prepares candidates for the CISSP certification exam and leadership roles in cybersecurity, governance, and risk management. 

Module 1 – Security and Risk Management

• Confidentiality, integrity, and availability principles
• Governance, compliance, risk management, and security policies
• Legal, regulatory, and professional ethics

Module 2 – Asset Security

• Information classification and ownership
• Data security controls and standards
• Secure data handling throughout the data lifecycle

Module 3 – Security Architecture and Engineering

• Secure design principles for networks, systems, and applications
• Cryptography and security models
• Vulnerabilities in architecture and countermeasures

Module 4 – Communication and Network Security

• Secure network architecture and design
• Secure communication channels and network components
• Protecting networks against attacks and breaches

Module 5 – Identity and Access Management (IAM)

• Identification, authentication, and authorization mechanisms
• Federated identity management and access provisioning
• Implementing and managing identity services

Module 6 – Security Assessment and Testing

• Design and validate security assessment strategies
• Conduct security audits, penetration tests, and vulnerability assessments
• Report and manage assessment findings

Module 7 – Security Operation

• Detect and manage incidents
• Disaster recovery and business continuity planning
• Managing and protecting physical security

Module 8 – Software Development Security

• Secure coding practices and security controls in development
• Software security effectiveness evaluation
• Managing security in software acquisition and development lifecycle
   

This course is perfect for:

• Experienced security practitioners, managers, and executives responsible for securing enterprise environments
• Security consultants, analysts, auditors, and architects preparing for the CISSP exam
• IT professionals seeking leadership roles in cybersecurity management and governance
   

• Minimum of five years cumulative paid work experience in two or more of the eight CISSP domains
• (A one-year experience waiver is available for candidates with a four-year college degree or an approved credential)