Microsoft Security Solutions Flashcards
Microsoft Security, Compliance, and Identity Fundamentals SC-900 Flashcards

| Front | Back |
| --- | --- |
| Azure Security Center primary function | To centralize security management and threat protection for Azure resources. |
| Azure Security Center two-tier subscription options | Free tier and Standard tier. |
| Azure Security Center's Adaptive Application Controls | Helps define and enforce allowlists for application execution on virtual machines. |
| Azure Security Center's compliance assessment tool | Built-in regulatory compliance dashboard. |
| Azure Security Center's Just-In-Time VM Access feature | Controls Azure VM ports, reducing exposure to attacks. |
| Benefits of Microsoft Sentinel over traditional SIEM solutions | Scalability, cloud-native architecture, and simplified management. |
| Difference between Microsoft Defender and Sentinel | Defender focuses on endpoint and threat protection, while Sentinel is SIEM/SOAR for broader security monitoring. |
| How does Learning Mode in Adaptive Application Controls work? | It observes your app usage to recommend rules for allowed applications. |
| How does Microsoft Sentinel support data connectors? | By providing seamless integration with third-party security tools and Microsoft 365 services. |
| How does the Fusion feature in Microsoft Sentinel work? | By correlating alerts from different sources to detect complex, multi-stage attacks. |
| How Microsoft Defender integrates across devices | By using Endpoint Detection and Response (EDR) and device management tools. |
| Key feature of Microsoft Defender for Cloud Apps | Cloud App Discovery for identifying and assessing shadow IT. |
| Microsoft 365 Defender offering inside the suite | Unified protection for identities, endpoints, email, and applications. |
| Microsoft Cloud App Security purpose | To improve visibility and control over user activity in cloud apps and mitigate risks. |
| Microsoft Defender | Microsoft's comprehensive enterprise-level security suite. |
| Microsoft Defender Antivirus primary function | To provide built-in malware and threat protection for Windows environments. |
| Microsoft Defender ATP | Microsoft Defender Advanced Threat Protection integrates threat detection across endpoints. |
| Microsoft Defender for Endpoint network protection capability | Blocks traffic to malicious IP addresses and domains. |
| Microsoft Defender for Identity focus | Protection against identity-based threats like compromised credentials or lateral movement. |
| Microsoft Defender for IoT focus | Securing Internet of Things (IoT) and Operational Technology (OT) devices against cyber threats. |
| Microsoft Defender for Office 365 | A tool to protect users from phishing, malware, and other email threats. |
| Microsoft Secure Score purpose in Microsoft 365 | A score that measures and recommends improvements for overall security in the Microsoft 365 environment. |
| Microsoft Sentinel focus area | Cloud-native security information and event management (SIEM) and security orchestration, automation, and response (SOAR). |
| Purpose of Azure Key Vault in security | To securely store and manage sensitive information like encryption keys, secrets, and certificates. |
| Purpose of Azure Security Benchmark in Azure Security Center | To provide best practices and security controls aligned with frameworks like CIS. |
| Purpose of Azure Sentinel Hunting Queries | To proactively look for suspicious activities and patterns in your data using KQL queries. |
| Purpose of Built-in Roles in Microsoft Sentinel | To assign and manage user access permissions to security data and operations. |
| Purpose of Role-Based Access Control (RBAC) in Azure Security Center | To restrict access to security data and tools based on user roles. |
| Purpose of Security Playbooks in Microsoft Sentinel | To automate incident response and threat mitigation steps. |
| Role of Threat Intelligence in Microsoft Defender | It provides actionable insights to understand and mitigate threats. |
| Secure Score in Azure Security Center | A measurement tool to assess your organization's security posture. |
| Use of Azure Policy in Azure Security Center | To enforce security configuration across resources. |
| What Azure Monitor is used for in security | To collect and analyze telemetry data for proactive threat detection and system performance monitoring. |
| What is an Analytics Rule in Microsoft Sentinel? | A rule that defines conditions for raising alerts based on incoming data. |
| What is Azure DDoS Protection? | A service to mitigate Distributed Denial of Service attacks against Azure-hosted applications. |
| What is Conditional Access in Microsoft Defender? | A tool to enforce security policies based on user behavior, location, and device health. |
| What is the role of Automation Rules in Microsoft Sentinel? | To automate the routing and handling of incidents and alerts. |
| What is the Threat Explorer in Microsoft Defender for Office 365? | A tool to investigate and respond to email threats like phishing and malware. |
| What Log Analytics Workspace is used for in Microsoft Sentinel | To store and analyze security logs and data. |
| What Microsoft Sentinel uses to detect threats in real time | Advanced AI and machine learning algorithms. |

About the Flashcards
Master Microsoft's cloud and endpoint security services with concise review cards that spotlight the tools and concepts most frequently tested. You'll revisit how Azure Security Center improves posture with Secure Score, why Sentinel's SIEM/SOAR analytics matter, and where each Defender workload (Endpoint, Office 365, Identity, IoT, Antivirus) fits into a layered defense strategy.
Flashcards for the Microsoft Security, Compliance, and Identity Fundamentals exam reinforce essential terminology such as analytics rules, playbooks, Adaptive Application Controls, and RBAC while tying them to practical scenarios like just-in-time VM access or DDoS mitigation. Repeated exposure to these bite-sized facts helps you quickly recall configuration options, compliance dashboards, and automation capabilities on test day.
Topics covered in this flashcard deck:
- Microsoft Defender suites
- Azure Security Center
- Microsoft Sentinel SIEM/SOAR
- Secure Score & compliance
- Automation & playbooks
- RBAC & policies