Chapter 1 - Describe security and compliance concepts

• 1.1. Describe the shared responsibility model
• 1.2. Describe defense in depth
• 1.3. Describe the Zero-Trust model
• 1.4. Describe encryption and hashinp
• 1.5. Describe compliance concepts

Chapter 2 - Define identity concepts

• 2.1 Define identity as the primary security perimeter
• 2.2 Define authentication
• 2.3 Define authorization
• 2.4 Describe identity providers
• 2.5 Describe Active Directory
• 2.6 Describe the concept of Federation

Chapter 3 - Describe the basic identity services and identity types of Azure AD

• 3.1 Describe Azure Active Directory
• 3.2 Describe Azure AD identities
• 3.3 Describe hybrid identity
• 3.4 Describe the different external identity types

Chapter 4 - Describe the authentication capabilities of Azure AD

• 4.1 Describe the authentication methods available in Azure AD
• 4.2 Describe Multi-factor Authentication
• 4.3 Describe self-service password reset
• 4.4 Describe password protection and management capabilities available in Azure AD

Chapter 5 - Describe access management capabilities of Azure AD

• 5.1 Describe conditional access
• 5.2 Describe the benefits of Azure AD roles
• 5.3 Describe the benefits of Azure AD role-based access control

Chapter 6 - Describe the identity protection and governance capabilities of Azure AD

• 6.1 Describe identity governance in Azure AD
• 6.2 Describe entitlement management and access reviews
• 6.3 Describe the capabilities of Azure AD Privileged Identity Management (PIM)
• 6.4 Describe Azure AD Identity Protection

Chapter 7 - Describe basic security capabilities in Azure

• 7.1 Describe Azure DDoS protection
• 7.2 Describe Azure Firewall
• 7.3 Describe Web Application Firewall
• 7.4 Describe Network Segmentation with VNet
• 7.5 Describe Azure Network Security groups
• 7.6 Describe Azure Bastion and JIT Access
• 7.7 Describe ways Azure encrypts data

Chapter 8 - Describe security management capabilities of Azure

• 8.1 Describe Cloud security posture management (CSPM)
• 8.2 Describe Microsoft Defender for Cloud
• 8.3 Describe the enhanced security features of Microsoft Defender for Cloud
• 8.4 Describe security baselines for Azure

Chapter 9 - Describe security capabilities of Microsoft Sentinel

• 9.1 Define the concepts of SIEM and SOAR
• 9.2 Describe how Microsoft Sentinel provides integrated threat management

Chapter 10 - Describe threat protection with Microsoft 365 Defender

• 10.1 Describe Microsoft 365 Defender services
• 10.2 Describe Microsoft Defender for Identity (formerly Azure ATP)
• 10.3 Describe Microsoft Defender for Office 365 (formerly Office 365 ATP)
• 10.4 Describe Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)
• 10.5 Describe Microsoft Defender for Cloud Apps
• 10.6 Describe the Microsoft 365 Defender portal

Chapter 11 - Describe Microsoft’s Service Trust Portal and privacy principles

• 11.1 Describe the offerings of the Service Trust portal
• 11.2 Describe Microsoft’s privacy principles

Chapter 12 - Describe the compliance management capabilities of Microsoft Purview

• 12.1 Describe the Microsoft Purview compliance portal
• 12.2 Describe compliance manager
• 12.3 Describe the use and benefits of compliance score

Chapter 13 - Describe information protection and data lifecycle management capabilities of Microsoft Purview

• 13.1 Describe data classification capabilities
• 13.2 Describe the benefits of content and activity explorer
• 13.3 Describe sensitivity labels
• 13.4 Describe Data Loss Prevention (DLP)
• 13.5 Describe Records Management
• 13.6 Describe Retention Polices and Retention Labels

Chapter 14 - Describe insider risk capabilities in Microsoft Purview

• 14.1 Describe Insider Risk Management
• 14.2
• 14.3 Describe information barriers

Chapter 15 - Describe resource governance capabilities in Azure

• 15.1 Describe Azure Policy
• 15.2 Describe Azure Blueprints
• 15.3 Describe the capabilities in the Microsoft Purview governance portal