SC-900 Exam Overview
Prepare for the Microsoft SC-900 certification exam
with our comprehensive study guide. This study material contains 224 practice questions
sourced from real exams and expert-verified for accuracy. Each question includes the correct answer
and a detailed explanation to help you understand the material thoroughly.
The SC-900 exam — Microsoft Security, Compliance, and Identity Fundamentals — is offered by Microsoft.
Passing this exam earns you the Microsoft Certified: Security, Compliance, and Identity Fundamentals credential,
an industry-recognized certification that validates your expertise.
Our study materials were last updated on 2026-02-27 to reflect the
most recent exam objectives and content.
About the Microsoft Certified: Security, Compliance, and Identity Fundamentals
The Microsoft Certified: Security, Compliance, and Identity Fundamentals is awarded by Microsoft
to professionals who demonstrate competence in the skills measured by the SC-900 exam.
According to the official Microsoft certification page, this certification validates your ability to work with the technologies covered in the exam objectives.
According to the Global Knowledge IT Skills and Salary Report, certified IT professionals earn 15-25% more than their non-certified peers.
Certifications from Microsoft are among the most recognized credentials in the IT industry,
with strong demand across enterprise organizations worldwide.
Free Sample — 15 Practice Questions
Preview 15 of 224 questions from the SC-900 exam.
Question 9
HOTSPOT -
Select the answer that correctly completes the sentence.
Correct Answer: Permission classifications
Explanation:
The Entra Permissions Management portal provides access to permission classification features used to categorize and assess permissions. Other options are accessed through different Entra or security portals.
Question 73
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: Yes
No
No
Explanation:
Asymmetric encryption uses a public/private key pair.
Symmetric encryption uses a single shared secret key, not a key pair.
Hashes are one-way functions; original content cannot be decrypted from a hash.
Question 132
HOTSPOT -
Select the answer that correctly completes the sentence.
Correct Answer: authorization
Explanation:
Authorization determines what actions or resources a user is allowed to access after they attempt to use an application or service.
Question 72
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: No
Yes
Yes
Explanation:
SaaS: application updates are handled by the provider, not the organization.
IaaS: the cloud provider manages the physical network.
All Azure deployment types: the organization is always responsible for the security of its information and data.
Question 125
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: Yes
Yes
No
Explanation:
Enabling MFA is an improvement action that increases Microsoft Secure Score.
A higher Secure Score indicates better security posture and typically lower identified risk.
Controls tied to regulations and standards for data protection and governance are measured by Compliance Score, not Secure Score.
Question 96
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: No
Yes
Yes
Explanation:
1) Identity Protection does not add users to groups based on risk; risk level is not a dynamic group attribute.
2) Identity Protection can detect leaked credentials using risk detections.
3) Identity Protection integrates with Conditional Access to require MFA based on user or sign-in risk.
Question 160
What can you use to scan email attachments and forward the attachments to recipients only if the attachments are free from malware?
A. Microsoft Defender for Office 365
B. Microsoft Defender Antivirus
C. Microsoft Defender for Identity
D. Microsoft Defender for Endpoint
Correct Answer: A
Explanation:
Microsoft Defender for Office 365 provides Safe Attachments, which scans email attachments for malware and only delivers them to recipients if they are deemed safe. The other options focus on endpoint, identity, or device protection rather than email attachment scanning and forwarding.
Question 188
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: Yes
No
Yes
Explanation:
Advanced (Premium) Audit logs events such as MailItemsAccessed, allowing identification of when email items were accessed. It does not share the same retention as core/standard auditing because it provides longer retention. It also provides customer-dedicated, higher-bandwidth access to audit data via the Management Activity API.
Question 141
What does Conditional Access evaluate by using Azure Active Directory (Azure AD) Identity Protection?
A. user actions
B. group membership
C. device compliance
D. user risk
Correct Answer: D
Explanation:
Azure AD Identity Protection provides risk signals (such as leaked credentials, atypical travel, or malware-linked IPs) that Conditional Access can evaluate specifically as user risk. Other options like group membership, device compliance, or user actions are evaluated by Conditional Access itself, not by Identity Protection.
Question 120
HOTSPOT -
Select the answer that correctly completes the sentence.
Correct Answer: playbooks.
Explanation:
In Microsoft Sentinel, playbooks automate common tasks and incident responses using workflows (Azure Logic Apps).
Question 49
HOTSPOT -
Select the answer that correctly completes the sentence.
Correct Answer: is tied to the lifecycle of the resource that uses it.
Explanation:
A system-assigned managed identity is automatically created and deleted with the Azure resource, so its service principal follows the resource lifecycle.
Question 216
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: 1. No
2. Yes
3. Yes
Explanation:
Azure Active Directory (now Microsoft Entra ID) is a cloud-based service, not deployed on-premises. It is included with Microsoft 365 subscriptions and provides identity and access management capabilities.
Question 186
Which three authentication methods does Windows Hello for Business support? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. fingerprint
B. facial recognition
C. PIN
D. email verification
E. security question
Correct Answer: A, B, C
Explanation:
Windows Hello for Business supports PIN-based authentication and biometric methods, including fingerprint and facial recognition. Email verification and security questions are not authentication methods used by Windows Hello for Business for device sign-in.
Question 198
HOTSPOT -
Select the answer that correctly completes the sentence.
Correct Answer: continually
Explanation:
Compliance Manager evaluates and updates compliance data on an ongoing basis as controls are assessed continuously rather than at fixed intervals.
Question 203
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer: Verify explicitly: Yes
Assume breach: Yes
Firewall secures internal network from external threats: No
Explanation:
Zero Trust principles include Verify explicitly and Assume breach. Zero Trust does not assume the internal network is safe behind a firewall; every request is treated as untrusted.