In today’s world, Security it’s a hot topic. More and more organization are moving workloads to the Cloud and the way we interact and move data around is changing. Data is no longer contained within corporate network perimeter; we use mobile devices, work from home and have to share the data with valuable partners. It’s more important than ever to be able to protect our workloads and data from unauthorized access. Microsoft Learning is aware of this changing world and released 4 new role-based certifications focused on Security.
Together with other amazing professionals I did a session at Microsoft Ignite 2021 just about this topic. You can watch it at: https://myignite.microsoft.com/sessions/80a523a6-0984-4aa8-aaa9-d010d62c030d?source=sessions
What are the 4 new certifications and how can you get then? It couldn’t be easier. You pass at 1 exam and you get the corresponding certification! I have compiled the list of certifications and corresponding exams:
Microsoft Certified: Security, Compliance, and Identity Fundamentals
Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals
This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
- Describe the concepts of security, compliance, and identity (5-10%)
- Describe the capabilities of Microsoft identity and access management solutions (25-30%)
- Describe the capabilities of Microsoft security solutions (30-35%)
- Describe the capabilities of Microsoft compliance solutions (25-30%)
Microsoft Certified: Security Operations Analyst Associate
Exam SC-200: Microsoft Security Operations Analyst
The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
- Mitigate threats using Microsoft 365 Defender (25-30%)
- Mitigate threats using Azure Defender (25-30%)
- Mitigate threats using Azure Sentinel (40-45%)
Microsoft Certified: Identity and Access Administrator Associate
Exam SC-300: Microsoft Identity and Access Administrator
The Microsoft Identity and Access Administrator designs, implements, and operates an organization’s identity and access management systems by using Azure Active Directory (Azure AD). They manage tasks such as providing secure authentication and authorization access to enterprise applications. The administrator provides seamless experiences and self-service management capabilities for all users. Adaptive access and governance are core elements to the role. This role is also responsible for troubleshooting, monitoring, and reporting for the identity and access environment.
The Identity and Access Administrator may be a single individual or a member of a larger team. This role collaborates with many other roles in the organization to drive strategic identity projects to modernize identity solutions, to implement hybrid identity solutions, and to implement identity governance.
- Implement an identity management solution (25-30%)
- Implement an authentication and access management solution (25-30%)
- Implement access management for apps (10-15%)
- Plan and implement an identity governance strategy (25-30%)
Microsoft Certified: Information Protection Administrator Associate
Exam SC-400: Microsoft Information Protection Administrator
The Information Protection Administrator plans and implements controls that meet organizational compliance needs. This person is responsible for translating requirements and compliance controls into technical implementation. They assist organizational control owners to become and stay compliant.
They work with information technology (IT) personnel, business application owners, human resources, and legal stakeholders to implement technology that supports policies and controls necessary to sufficiently address regulatory requirements for their organization. They also work with the compliance and security leadership such as a Chief Compliance Officer and Security Officer to evaluate the full breadth of associated enterprise risk and partner to develop those policies.
This person defines applicable requirements and tests IT processes and operations against those policies and controls. They are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.
- Implement information protection (35-40%)
- Implement data loss prevention (30-35%)
- Implement information governance (25-30%)
How to prep for these exams?
In each exam page you have the Microsoft Lean learning paths. It’s free and an amazing resource to get started. I also advise candidates to take some practice exams like MeasureUp. It’s important to understand how questions are done. Allocate some time in your schedule, build a learning plan and follow it. Then just schedule the exam and seat for it! I teach hundreds of professionals every year and help then get certified. Most professional with proper preparation succeed on the exam, but sometimes that’s not the case. If that happens with you, use that experience as a learning opportunity, you have checked the format of the exam, the type of questions you struggled, … Take 1-2 weeks to study some more and give it another shoot, I’m sure you will ace it!
At the time of writing this article, these 4 exams are still in Beta. Beta exams are not scored immediately because Microsoft is gathering data on the quality of the questions and the exam. It usually takes around 2-3 weeks after the exam is out of Beta for you to take the score.
What does this mean for the actual AZ-500: Microsoft Azure Security Technologies and MS-500: Microsoft 365 Security Administration exams?
Well in short it means nothing. Both AZ-500 and MS-500 are generic security exams and certifications for Azure and Microsoft 365. The SC portfolio is more detailed and target at specific roles that cross the Azure and M365 space – Identity, Information Protection, …
Hope you enjoyed this post about the new Microsoft Security certifications and if you have questions just comment or ping me over social networks!