1 – Describe security and compliance concepts

• Describe the shared responsibility model
• Describe defense in depth
• Describe the Zero Trust model
• Describe governance, risk, and compliance (GRC) concepts

2 – Describe identity concepts

• Define authentication and authorization
• Define identity as the primary security perimeter
• Describe the role of the identity provider
• Describe the concept of directory services and Active Directory
• Describe the concept of federation

3 – Describe the function and identity types of Microsoft Entra ID

• Describe Microsoft Entra ID
• Describe types of identities
• Describe hybrid identity
• Describe external identities

4 – Describe the authentication capabilities of Microsoft Entra ID

• Describe authentication methods
• Describe multifactor authentication
• Describe self-service password reset
• Describe password protection and management capabilities

5 – Describe access management capabilities of Microsoft Entra ID

• Describe Conditional Access
• Describe Microsoft Entra roles and role-based access control (RBAC)

6 – Describe the identity protection and governance capabilities of Microsoft Entra

• Describe Microsoft Entra ID Governance
• Describe access reviews
• Describe entitlement management
• Describe the capabilities of Privileged identity Management
• Describe Microsoft Entra ID Protection
• Describe Microsoft Entra Permissions Management
• Describe Microsoft Entra Verified ID

7 – Describe core infrastructure security services in Azure

• Describe Azure DDoS protection
• Describe Azure Firewall
• Describe Web Application Firewall
• Describe network segmentation in Azure
• Describe Azure Network Security Groups
• Describe Azure Bastion
• Describe Azure Key Vault

8 – Describe the security management capabilities in Azure

• Describe Microsoft Defender for Cloud
• Describe how security policies and initiatives improve cloud security posture
• Describe Cloud security posture management
• Describe the enhanced security of Microsoft Defender for Cloud
• Describe DevOps security management

9 – Describe security capabilities of Microsoft Sentinel

• Describe threat detection and mitigation capabilities in Microsoft Sentinel
• Describe Microsoft Security Copilot

10 – Describe threat protection with Microsoft Defender XDR

• Describe Microsoft Defender XDR services
• Describe Microsoft Defender for Office 365
• Describe Microsoft Defender for Endpoint
• Describe Microsoft Defender for Cloud Apps
• Describe Microsoft Defender for Identity
• Describe Microsoft Defender Vulnerability Management
• Describe Microsoft Defender Threat Intelligence
• Describe the Microsoft Defender portal

11 – Describe Microsoft’s Service Trust portal and privacy capabilities

• Describe the offerings of the Service Trust portal
• Describe Microsoft’s privacy principles
• Describe Microsoft Priva

12 – Describe the compliance management capabilities in Microsoft Purview

• Describe the Microsoft Purview compliance portal
• Describe Compliance Manager
• Describe use and benefits of compliance score

13 – Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview

• Know your data, protect your data, and govern your data
• Describe the data classification capabilities of the compliance portal
• Describe sensitivity labels and policies
• Describe data loss prevention
• Describe retention policies and retention labels
• Describe records management
• Describe the Microsoft Purview unified data governance solution

14 – Describe the insider risk capabilities in Microsoft Purview

• Describe insider risk management
• Describe communication compliance

15 – Describe the eDiscovery and Audit capabilities in Microsoft Purview

• Describe the eDiscovery solutions in Microsoft Purview
• Describe the audit solutions in Microsoft Purview