Ask the Experts: New Microsoft Security Compliance, Identity Training and Certification Portfolio
Hello, Ignite attendees, welcome to the *** TS expert sessions for Microsoft Security Compliance and ID and identity training and certification portfolio. So. This is your time to ask the experts any questions you would like in regards to the security, compliance and identity training and certification portfolio which just officially announced yesterday. So you should have a lot of questions, so use the chat to answer your questions. You can post anonymously or use your real name.
Upvote the questions you like so we know which ones are priority and then we have the experts answer your questions an. As always, adhere to the Microsoft Code of Conduct. Be nice in the questions, essentially. So meet our experts. So I'm going to ask that the experts introduce themselves and the order of the slide, and we have another that's not on the slide, also introduced herself. So Brandon tell us who you are and tell us what you do.
Hi, I'm Brandon nib. I am the senior content developer within worldwide learning and I manage the Ms 500 which is our M 365 security administrator exam and have been developing for the last. Six months here, the new two of the new SC 200 and the SC 400 so the Information protection and the Security Operations Admin content that supports those two new start exams.
Alright, and my name is Cecilia. Pit is Benito I too am part of the worldwide learning Team global technical learning supporting security compliance and identity. And I am the person responsible for the content dev for the Microsoft Security compliance and identity fundamentals or the SC 900 training content. And this is Robert Stuart.
I am content developer also on mobile learning focusing on a Z500 as well as the new SC300 Identity certification. Hi, I'm Dwayne natwick. I am the cloud training architect lead atops gillettii. We are a Microsoft learning partner and also a Microsoft Certified Trainer Anet regionally for that program a Microsoft MVP.
And last but not least, not pictured. But then hi everyone, this is David Megan. I am a senior product marketing Manager in Microsoft ACI team. I manage our marketing strategy for Azure Security Center, an Azure defender. Alright, thank you for those wonderful introductions, so I'm going to start it off with a question.
Celia you are responsible for the security, compliance and identity fundamentals. Can you give us an idea of what are the fundamentals to security compliance and identity? Yeah, so great question Anthony. Thanks so a couple things.
First I'll just. Before going into the different functional areas and what's in there, I want to say a little bit about the target audience so when it comes to the C. 900 of the security compliance and identity fundamentals, this is really something that's targeted to someone who wants to get a foundational level of knowledge or for basic information understanding of, basically security compliance and identity across our cloud based and related Microsoft services. And so this is a very broad audience. As far as the content that's in there, we cover information certainly around general concepts of security, compliance and identity. So for example, things related to zero trust, shared responsibility model, basic concepts that we then incorporated back into other elements of the content, the training content, and in the certification as well, including security, so basic security concepts.
And of course elements of our portfolio that relate to security similar for identity. Lots of great information on Azure Active Directory. Some of the concepts associated with identity and access management and also compliance. Also that's in a nutshell and there's great information on the start page within learn that basically list all the functional areas that are covered within the training an within the exam, so that's part of the objective domain. Could go to the start page for SC 900. You can basically download the skills page that will breakdown all the four functional areas.
The weight on the exam and the topics covered underneath that. Perfect thank you for that answer, Cecilia. So we already have a couple of questions in the chats around the difference between MS-585 hundred and the new stuff, so Brandon, can you give us a quick overview of. RN yeah, what the differences between MS-585 hundred and some of the new certifications that we announced yesterday? Yeah sure can. So yeah to give you some background to Ms 500 exam, we originally contrived that almost three years ago now and at that time we you know the the security products were not in the same place they were. You know they are today and so at the time it was let's build this sort for M365 an include.
Kind of everything that would be related to that. So there's identity. There's threat protection gets into.
Compliance information protection space as well. So as it was very much kind of contrived as a generalist security search for Microsoft 365. The easy five hundreds focused more on Azure security. You know if you're aware of that, gets into security operations, but it's almost entirely Azure focused. The only overlap between those two is really around the identity and access management portion, which was 1/4 of each of those exams.
So those two have been in market now for a couple of years or so. They've been updated every 60 days. Those items, the items on that get updated. So there's still fresh and relevant.
The new serts are more focused on specific aspects of things that were on either of those, and in some cases things that are new as well. So for example, the SC 200, the security Operations Analyst search is very much focused on on threat protection, but it it covers both the Microsoft 365 aspects of the threat protection as well as Azure Sentinel. And in fact, if you look at the skills measured. You know, over 40% of the exam is Azure Sentinel focused, and that's quite a bit different if you're familiar with almost 500, which I'm guessing some of you are asking questions about it, you know we had Azure Sentinel as an objective within that assert, but the questions the items related to Azure Sentinel for example where very very basic, because again, that exam was so broad. So SC 200 very much focused on. Threat protection from that perspective, the SC400 then, which would be our information protection one, is focused on just that piece of it.
Again, if you're familiar with Ms 510 or 15 to 20% of that exam was on information protection. So now with SC400 we've got an entire exam focused on. The idea is that these new sorts are again kind of razor, or, you know, use your analogy. Laser focused on a specific role, so that's kind of how things are evolving and that's how they compare. He did that question a lot of times. This comes up is is well should and will MS-584 understand market and they will because for one thing not every bit, not every one of the objectives on those exams are covered in these three new shirts.
So this there still is a place for that. Also, there's a place there's a number of people that want that Ms 500. You know that very generalist kind of broad certain, so it's a it's staying in market. And Robert, could you give us a good idea as to why AZ 500 is still relevant amongst all of the new certifications that we have? Sure. To be honest, the answer is going to be quite similar to what Brandon was answering for. MS-585 Hundred is your operate. You know?
How do you secure your Azure environment, your solutions and apply the you know the the right security technologies to make sure that you have your solution set up correctly within Azure is very focused there, it it does have some overlap with identity and. A little bit of overlap with Spec OPS, but the. Again, those are those are general. We explain and question on what's Azure Sentinel is and not really how to do much more than than just configure it in the fact that you need a special license to be able to use it identities the same way it's you need to know what off is and what. But we're not going deep into those topics within the Azure certification where we do within the this new specialty certification. So if you're focused on doing operational security and locking down your Azure environment as a as a security engineer, than a Z500 is the right certification.
If you're wanting to drill in and being identity specialist, then you can go over to the identity side. Or if you want to do security operations again, that's the setup exams. Those are drilling into very specialized topics and going much deeper.
Absolutely so. There's a lot of new security content out there, and that's because the need for security is very significant. Dev room. Could you talk a little bit about what we're seeing in the industry and what are the factors that make this security training relevant today? Thanks for the question. I think this industry is evolving towards securing cloud workloads very fast because of the fact that we have a lot more remote workers today and we're working on developing our strategy for multi cloud protection as well. As you know, improving the way our products work together for threat protection. Last night, for example, we announced our semen exterior approach where we provide breath threat protection for the enterprises with Azure Sentinel and then deep technical deep extended detection and response capabilities with Azure Defender, an Microsoft 365 defender.
This ignite we announced you know better integration between these products specifically between Azure Sentinel and Microsoft 365 Defender. And we keep investing in each product to provide better capabilities for our users, so you know, as we continue this journey an improve the capabilities of our products, it's very important for us to make sure that you know, we bring you along with us and we provide you the tools necessary to make sure you can benefit. Best from all these new things we're heading into the products, so I think that's why it's very important for us to make sure. Our trainings are up to date and our users are benefiting from both the capabilities that exist in the product and also staying up to date with their knowledge about the products. Absolutely. And since we have
so many new certifications, new training materials so we can help you protect your environment and secure your cloud, Dwayne, how would someone go about successfully studying and preparing for these exams so that they can be a security expert as relates to these Microsoft products? Yeah, that's a. That's a great question. I mean, I, I always tell anybody in one of the things that. That we even do as a learning partner is always try as a prereq and even just to start is to start with the fundamentals exam. Start with Microsoft, learn Microsoft.
Learn is a lot of rich content and links to links to Microsoft Docs and all of the great content that Microsoft has. And it's a great place to begin. It's a great place to reinforce your learning. If you go through a live instructor LED training like.
Like what we provide but but I always tell everybody. Microsoft learns a great place, it's free content. It's great content to go out and and. Reinforce your interest in a topic before you pay for any kind of training and it just gets you. It gets you started and gets kind of the learning. The learning groove going for you as you start to get into into going down the path of a certification and one of the things I can say about the SCSC content in courses is that that worldwide learning is a great job of putting those learning paths together, and they're really strong to the objective.
Areas so so understanding a lot of that, you know one of the key things around the SC 200 exam is like Brandon said, a lot around investigating and hunting an and using Kusto query language and log analytics within Azure Sentinel, which is, you know, for a lot of people, especially probably security people. Something kind of new to them and there is a there is probably about 8 or 9 modules. I think in Microsoft learned just on kusto queries so. So really great content there and definitely where I would recommend starting.
Perfect thank you for that. So we have a couple of questions from the audience in Sicilia. I'm going to throw both them to you. The first one.
Does any of this content cover on premise or on premises environments and two we have a senior security professional wondering if they should say guess C 900 so on the 1st question with regard to the on premise. The focus of the security fundamentals is mostly around cloud now that is in the context of cloud, we will certainly talk about hybrid scenarios and things that you can do with AAD Connect and synchronization, but it is not explicitly focused on on premise. We really are focused on moving to the cloud, but like I said, there are some things that we touch on in the context of hybrid scenario with regard to the second question with regard to security professionals. This is a foundational course, but if you are new to Microsoft, it is a great place to start to become familiar with some of the Microsoft Solutions relative to security, compliance and identity. So at any level it's a great course to start if you're not familiar with with Microsoft because we introduce. A lot of the capabilities and in terms of security compliance, an identity so great for anybody at any level, especially if you're not yet familiar with Microsoft Solutions.
Absolutely thank you for that answer I. Next question from the audience. I am really a novice on security and compliance since I'm more of a developer than an admin. However, I am considered one of the more skilled of the two global admins of our tenant said I know which learning path or certification in Microsoft learn should I start with. Think I'll go with Robert for this one. Yeah, so if you were gonna be new you want to dig into the security space then it's definitely a starting point for the SC 900.
The Security fundamentals certification and that will give you a good grounding. I'd also recommend just because we are talking a lot more about cloud security, the EZ 900, the Azure Fundamentals Training and certification between those two. You're going to get a Indian balance of what's possible within the cloud and what you can do from a security standpoint with those. And then you start you can drill into the other role based certifications based off of where your interest or or passion is is. If you want to go into identity into the querying, whichever topic that you want to drill into. Then you can start picking up the role based certifications.
Hey Robert, wanna stick to you for one more question. The Microsoft Certified Azure Administrator associate AZ 104 eventually be replaced by all of these specialized topics. Identity security windows virtual desktop, Azure stack, HCI, etc. Or will it serve as more of a generalized administrator certification? That's not a security certification.
What are we doing over here? So we're not going to see a Z 104 be replaced by these certifications. We're going to see there's always going to need be a specialty. Lies need to be able to administrate your Azure infrastructure and all of the solutions that are running on it. And then there will always be a need to secure to continue to secure those solutions and drive better protection of your.
Data your people, your information, so you're not going to see it go away. You will continue to see it evolve as an organization. We're always talking across the different exams in the different groups about how we can better make our content work together.
But there's there's always going to be a need for a role of a Azure admin. Straighter and therefore certification and training associated with that. Absolutely. And Brandon. I'm going to ask you the next question.
Are there any plans or thoughts? To expand the SC series against an expert certification like Azure Solutions architect expert. Yes, that's a good question. We have been researching such a thing, but there is at the time.
At this moment there's no plan to build that, but things could change. I would put it that way so we've looked into it, and if there's enough demand that there you know that's a possibility in the future. Perfect. And Dwayne, I was asking you about how one should prepare and study for these certifications that we have.
How else should they look to research about the topic beyond certification and learn more about this? Oh, you know, as I as I kind of hit on before the Microsoft. You know, using Microsoft Docs really is very helpful because there is you can learn about the topic. Overall it gives gives information on how to. Still on like tutorials and step by step processes of utilizing certain technologies and and kind of walk through different scenarios, there's a lot of other things. Other pieces to the you know to learn as well that Microsoft has one of the things that we utilized a lot of times in our in our instructor LED training is we will use Microsoft Cloud workshops which are free and available online that have hands-on labs have. Whiteboard design sessions where you can go through and kind of get a team of your engineers and kind of whiteboard out what you what you wanted.
You know how how to build based on a scenario based and just kind of in kind of brainstorm how to utilize different technologies and where different technologies will be used and you know those are always helpful. Just to you know, rather than just doing Burke book learning and watching videos and things of that gets you a little bit more hands on with the technology which which if you're going to be successful. It is extremely important and one of the things you recommend always doing labs and getting into the environment utilizing your.
You know your free subscription to to a tenant and try and get hands-on with the technologies. Whether it's Microsoft 365 or or Azure. To understand what you know what they're talking about and what you're learning about.
Absolutely thank you for that. The next question I'm going to direct that Brandon. Basically. Who is the the correct candidate for the SC 200? So we have an individual who works as a security analyst. Should they learn as they should, they take SC 200.
Should they learn that content or certain other certification is more appropriate to them? No other security. If your security operations analyst, if that's your job. If hunting threats and responding, reacting to threats that have come in through your system, then yeah, that's the appropriate learning track that's appropriate search for you.
Yeah so. Really, that's the only thing we have in that space, right? Ms 500. Very broad, doesn't really get into that much at all. So yes, definitely. If that's your job, that's that's the exam for you. Perfect Anne bedroom.
Where are you seeing the focus externally in terms of the business of security? What's really lighting up the radar and getting a lot of attention presently? Um? I think threat protection has been top of mind and cause there is a lot more people that are that have access to the remote setup. We have seen an increased number of threats. You know you can see it with the recent Solar Gate attack, so threat protection has been top of mind. The other thing we see in the industry is a convergence of cloud security posture management together with threat protection, and we're hearing a lot about our customers being able to manage these platforms from a single UI, whether their own premises in Azure or in other cloud. So the multi cloud slash hybrid cloud scenario.
Is also getting a lot of demand these days and we have capabilities now integrated into the product that will be able to help our customers to go through these scenarios. Perfect thank you for that Ann. Slightly off topic, but a question from the audience will search like a Z500. Achieved late last year. Be eligible for the new RE certification process. I think all that I think I'll answer that one, yes.
Eventually you will have the opportunity to renew your certification. Another question from the audience with the increased focus on security over the past few years, will we see more security centric certifications from Microsoft in a future Sicilian? Yeah, and so I think Brandon text on this right now. A little bit ago there are things that we're looking at as far as future certifications. Would that be more at the expert level? So I think that's there's more to come in very short order. We launched for new brand new certifications at various levels from fundamentals to associate level, and so definitely something we're looking at as an organization as a team and a CI.
So more to come. Stay tuned. I think there's great things ahead. In this area, and so yeah, I think we'll be seeing more so stay tuned.
Murphy Robert. The next question. I'll swing your way. Are there any free ways to gain experience on some of the higher end skills locked behind Azura, ADP two or E5 level? Currently only have business premium. So.
I'm not 100% sure I've got a great answer for that particular that particular question there. There are generally free trials available that you can sign up for a 30 day trial, but I I'm kind of stumbling over this one. If somebody else has a has a better answer, I go for it, but. Free trials are about the best way that I could think of. There's lots of training that goes into it on Ms. Learn that an both end in docs that give you sample walkthroughs of how the content works.
Even if you can't physically try it yourself, you get a decent set of pictures as well as step by step walkthroughs that can give you information, but if you're really wanting to physically go and try and do it yourself, then they the options are a lot more limited. Understood and Brandon will these exams include labs such as how easy 100 one 03 hasn't. Right, the performance based testing, right? That's the that's the question people have is experienced that. I would expect that to be the case.
I haven't seen them specifically. I know that for the beta, the beta just has the typical multiple choice type questions that we would see on an exam. But no, I would expect the associate level 'cause right we we do this on the at least the associate level exams would have a performance based testing component where VMS or tenants will be spun up and you'll be asked to do a specific task within the within the rowlan.
And I can tell you for sure on SC the 200 and 400 exams. You know we're already building labs that support the instructor LED training, so I could completely imagine a scenario where performance based testing becomes a component of those exams. Absolutely.
So we have one minute left. Saint Cecilia what is your closing advice to this audience? Particularly as so many of them are going to go look at fundamentals and and try to pass that exam. You know, and I think you heard it from joining others.
Go to learn lots of great free content we have. Click through guides and so there's great opportunities to prepare for that exam. There's a skills outline document on the start page, so go to the start page. Go to learn, look for the information bro. Caused by SC 900 and I think you'll find a lot of great information that will help you prepare so good luck. Perfect and on that note, I'm going to leave you with the Microsoft Training and certification resources.
So if you want to venture into the Microsoft learn ecosystem, you can go to AKA DOT Ms Slash, learn at Ignite and you'll get a whole lot of information and a lot of training opportunities there. Or you can go directly to the certifications or you can continue to connect with our experts. In the tech community, or if you want to have the opportunity to get certified and learn everything, you can enter into our cloud skills challenge and you see that URL URL there right on the screen.
Otherwise I'd like to bid you ado. Have a great night and thank you for joining us.