- 215 Actual Exam Questions
- Compatible with all Devices
- Printable Format
- No Download Limits
- 90 Days Free Updates
Get All Microsoft Security, Compliance, and Identity Fundamentals Exam Questions with Validated Answers
| Vendor: | Microsoft |
|---|---|
| Exam Code: | SC-900 |
| Exam Name: | Microsoft Security, Compliance, and Identity Fundamentals |
| Exam Questions: | 215 |
| Last Updated: | July 8, 2026 |
| Related Certifications: | Microsoft Azure |
| Exam Tags: | Beginner Microsoft IT Security and Compliance Professionals |
Looking for a hassle-free way to pass the Microsoft Security, Compliance, and Identity Fundamentals exam? DumpsProvider provides the most reliable Dumps Questions and Answers, designed by Microsoft certified experts to help you succeed in record time. Available in both PDF and Online Practice Test formats, our study materials cover every major exam topic, making it possible for you to pass potentially within just one day!
DumpsProvider is a leading provider of high-quality exam dumps, trusted by professionals worldwide. Our Microsoft SC-900 exam questions give you the knowledge and confidence needed to succeed on the first attempt.
Train with our Microsoft SC-900 exam practice tests, which simulate the actual exam environment. This real-test experience helps you get familiar with the format and timing of the exam, ensuring you're 100% prepared for exam day.
Your success is our commitment! That's why DumpsProvider offers a 100% money-back guarantee. If you don’t pass the Microsoft SC-900 exam, we’ll refund your payment within 24 hours no questions asked.
Don’t waste time with unreliable exam prep resources. Get started with DumpsProvider’s Microsoft SC-900 exam dumps today and achieve your certification effortlessly!
Which three tasks can be performed by using Azure Active Directory (Azure AD) Identity Protection? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Microsoft Entra ID Identity Protection is a risk-based conditional access capability that ''automates the detection and remediation of identity-based risks'' and enables admins to investigate risky users and sign-ins. SCI guidance explains that Identity Protection evaluates signals such as user risk and sign-in risk, raises risk detections, and can automatically remediate by enforcing actions like password reset or blocking access via risk-based policies. The portal provides rich investigation experiences for risky users, risky sign-ins, and risk detections, allowing security teams to review evidence and confirm/dismiss risks. In addition, identity risk data can be exported through Azure Monitor/diagnostic settings and integrated with SIEM/SOAR tools, enabling ''export of risk detections and security alerts to third-party solutions'' for correlation and response. Tasks such as configuring external access for partner organizations are handled by B2B collaboration features, and creating/assigning sensitivity labels belongs to Microsoft Purview Information Protection---not Identity Protection. Therefore, the tasks Identity Protection supports are: export risk detection (B), automate detection and remediation of identity-based risks (C), and investigate risks related to user authentication (D).
Which security feature is available in the free mode of Microsoft Defender for Cloud?
In Microsoft Defender for Cloud, the Free plan provides continuous security assessment and visibility into your posture via Secure Score and security recommendations. Microsoft explains that the free tier offers ''foundational CSPM capabilities,'' including recommendations and a security score (Secure score) to help you prioritize hardening tasks. Advanced features---such as vulnerability scanning for VMs (Qualys-based), Just-In-Time (JIT) VM access, and threat protection alerts---require the enhanced/paid Defender plans (for example, Defender for Servers). Consequently, among the listed options, only Secure score is available in the free mode. This score aggregates the effect of recommendations across subscriptions and resources so you can track and improve security posture without enabling any of the paid Defender plans.
What types of files can Microsoft Purview sensitive information type classifiers be used to classify?
Which compliance feature should you use to identify documents that are employee resumes?
In Microsoft Purview Information Protection, pre-trained (Microsoft-provided) trainable classifiers are designed to automatically recognize specific categories of content by learning from examples rather than relying only on patterns or keywords. Microsoft's guidance explains that trainable classifiers ''look for data by learning from examples,'' and that Microsoft supplies a catalog of ''pre-trained classifiers that you can use immediately in your tenant.'' The documentation explicitly lists content types these classifiers can recognize, including ''Resumes,'' along with other categories such as Source code, Threat and harassment, and more. Because they're already trained by Microsoft, you can use them ''to identify and classify items across SharePoint, OneDrive, and Exchange,'' and then take actions such as auto-labeling or enforcing DLP policies based on the classifier match.
By contrast, Content explorer is a reporting tool that lets you view where sensitive info types/labels were found; it doesn't identify resumes on its own. Activity explorer shows events like DLP policy matches over time. eDiscovery is used for legal hold, search, and review, not for semantic content identification. Therefore, to identify documents that are employee resumes, the correct Microsoft compliance feature is the pre-trained (Microsoft-provided) trainable classifier for Resumes.
Which two cards are available in the Microsoft 365 Defender portal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
Microsoft's SCI learning content describes the Microsoft 365 Defender portal as a unified security operations experience that surfaces security posture and active threats on a card-based dashboard. In the overview of the portal, Microsoft explains that the home page ''presents key security information in dashboard cards,'' and that among these cards are summaries that highlight risky entities such as ''Users at risk'' and ''Devices at risk.'' These cards provide quick, actionable visibility for analysts by aggregating detections and exposure data across Microsoft Defender services (for identities and endpoints). The guidance emphasizes that the portal ''correlates signals across identities, endpoints, email, and applications'' and that security teams can use the dashboard cards to pivot directly into incidents and investigations from ''Users at risk'' or ''Devices at risk'' to take containment or remediation actions.
By contrast, Compliance Score is part of Microsoft Purview Compliance Manager, not the Microsoft 365 Defender portal; Service Health and User Management are functions of the Microsoft 365 admin center. Therefore, the cards you'll find on the Microsoft 365 Defender portal that match the choices provided are Users at risk and Devices at risk.
Security & Privacy
Satisfied Customers
Committed Service
Money Back Guranteed