| Describe the capabilities of Microsoft security solutions | Azure DDoS Protection, Azure Firewall, Web Application Firewall, network segmentation with virtual networks, network security groups, Azure Bastion, Azure Key Vault. Then Defender for Cloud and Cloud Security Posture Management, SIEM and SOAR as concepts, threat detection in Microsoft Sentinel, and the whole Defender XDR family: Office 365, Endpoint, Cloud Apps, Identity, Vulnerability Management, Threat Intelligence, and the Defender portal. The biggest domain. | 35 to 40% |
| Describe the capabilities of Microsoft Entra | Entra ID, types of identities including agent ID, hybrid identity, authentication methods, MFA, password protection, Conditional Access, Entra roles and RBAC, ID Governance, access reviews, Privileged Identity Management, ID Protection. | 25 to 30% |
| Describe the capabilities of Microsoft compliance solutions | Service Trust Portal, Microsoft's privacy principles, the Microsoft Purview portal, Compliance Manager and compliance score, data classification, Content and Activity explorer, sensitivity labels, data loss prevention, records management, retention policies and labels, insider risk management, eDiscovery, audit. | 20 to 25% |
| Describe the concepts of security, compliance, and identity | The shared responsibility model, defense-in-depth, the Zero Trust model, encryption and hashing, Governance Risk and Compliance, identity as the primary security perimeter, authentication versus authorization, identity providers, directory services and Active Directory, federation. The smallest domain, and the only vendor-neutral one. | 10 to 15% |