Microsoft Certified: Security, Compliance, and Identity Fundamentals Questions and Answers
200 questions organized by topic with detailed explanations
Microsoft
SC-900
200 questions
4 topics
Updated May 2026Describe the concepts of security, compliance, and identity
27 questions10 easy12 medium5 hard~13% of exam
Which Zero Trust principle requires every access request to be authenticated and authorized using all available signals?Which part of the CIA triad is focused on making sure data is not altered improperly?In the cloud shared responsibility model, which responsibility does the customer always retain?
Describe the capabilities of Microsoft Entra
55 questions14 easy30 medium11 hard~27% of exam
Which Microsoft Entra capability can automatically require multifactor authentication when sign-in risk is medium or hig...An organization has legacy applications in Azure that require LDAP and Kerberos authentication. Which Microsoft Entra ca...Which Microsoft Entra feature provides just-in-time privileged access and time-based role activation?
Describe the capabilities of Microsoft security solutions
72 questions15 easy39 medium18 hard~37% of exam
Describe the capabilities of Microsoft compliance solutions
46 questions13 easy19 medium14 hard~23% of exam
Which statement accurately describes how Microsoft Purview DLP evaluates Exchange email compared with SharePoint and One...Which Microsoft Purview solution adds legal holds to case-based investigations while building on basic search and export...What does Microsoft Purview Compliance Manager use to help show your organization's progress on compliance work?
All Questions
| # | Question | Topic | Difficulty |
|---|---|---|---|
| 1 | Microsoft Defender for Cloud is best described as which type of solution? | Describe the capabilities of Microsoft security solutions | medium |
| 2 | Which capability is added by Microsoft Defender for Office 365 Plan 2 beyond Plan 1? | Describe the capabilities of Microsoft security solutions | hard |
| 3 | Which Microsoft Entra capability can automatically require multifactor authentication when sign-in r... | Describe the capabilities of Microsoft Entra | hard |
| 4 | An organization has legacy applications in Azure that require LDAP and Kerberos authentication. Whic... | Describe the capabilities of Microsoft Entra | medium |
| 5 | Which statement accurately describes how Microsoft Purview DLP evaluates Exchange email compared wit... | Describe the capabilities of Microsoft compliance solutions | hard |
Sign in to see all 200 questions
Create a free account to browse all questions — completely free during our launch phase.
Ready to test your knowledge?
Take a full Microsoft Certified: Security, Compliance, and Identity Fundamentals practice test with timed exam simulation.
Start Practice Test