Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Exam Preparation
Are you aspiring to enhance your career in cybersecurity and compliance? Dive into the world of Microsoft Security, Compliance, and Identity Fundamentals with our detailed syllabus, exam format, and sample questions for the SC-900 exam. Prepare yourself for success with in-depth discussions and insights into the core concepts required to pass the certification with flying colors. Whether you are a seasoned professional looking to validate your skills or a newcomer aiming to break into the cybersecurity domain, our resources will guide you through the essential topics and help you excel in the exam. Stay ahead of the curve and boost your credentials in the fast-growing field of security, compliance, and identity. Let's embark on this learning journey together!
Microsoft SC-900 Exam Topics, Explanation and Discussion
The topic "Describe the Concepts of Security, Compliance, and Identity" is a fundamental component of the Microsoft Security, Compliance, and Identity Fundamentals exam. This section covers the basic principles of cybersecurity, including the CIA triad (Confidentiality, Integrity, and Availability), common security threats and vulnerabilities, and the concept of defense in depth. It also introduces compliance principles, such as data protection regulations and industry standards. Additionally, the topic explores identity and access management concepts, including authentication, authorization, and identity providers.
This topic forms the foundation for understanding the more advanced concepts covered in the exam. It provides candidates with the essential knowledge needed to grasp the importance of security, compliance, and identity in modern IT environments. By mastering these concepts, candidates will be better equipped to understand and implement Microsoft's security solutions and best practices.
Candidates can expect a variety of question types on this topic in the actual exam:
- Multiple-choice questions testing knowledge of key terms and definitions related to security, compliance, and identity
- Scenario-based questions that require applying basic security concepts to real-world situations
- True/false questions to assess understanding of fundamental principles
- Matching questions that may ask candidates to pair security threats with appropriate countermeasures
- Questions that require identifying components of the CIA triad or elements of defense in depth strategies
The depth of knowledge required for this topic is foundational, focusing on understanding and recognizing key concepts rather than in-depth technical implementation details. Candidates should be prepared to demonstrate a solid grasp of basic security, compliance, and identity principles and their relevance in modern IT environments.
Microsoft Identity and Access Management Solutions are a crucial component of modern security infrastructure. These solutions encompass various tools and services designed to manage and secure user identities, control access to resources, and protect sensitive information. Key components include Azure Active Directory (Azure AD) for cloud-based identity management, Multi-Factor Authentication (MFA) for enhanced security, and Conditional Access policies to enforce granular access controls. Additionally, Azure AD Identity Protection uses machine learning algorithms to detect and mitigate potential identity-based threats, while Privileged Identity Management (PIM) helps organizations manage, control, and monitor access to critical resources.
This topic is fundamental to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it forms the backbone of Microsoft's security approach. Understanding these capabilities is essential for implementing a robust security posture in cloud and hybrid environments. The topic directly relates to the "Describe the capabilities of Microsoft security solutions" domain of the exam, which accounts for a significant portion of the test. Mastering this subject will provide candidates with a solid foundation for comprehending more advanced security concepts and solutions within the Microsoft ecosystem.
Candidates can expect various question types on this topic in the SC-900 exam:
- Multiple-choice questions testing knowledge of specific features and capabilities of Microsoft Identity and Access Management solutions
- Scenario-based questions requiring candidates to identify the most appropriate solution for a given security challenge
- True/False questions to assess understanding of key concepts and functionalities
- Matching questions to connect different identity and access management components with their primary functions
- Case study questions that present a complex scenario and ask candidates to analyze and recommend suitable identity and access management strategies
The depth of knowledge required will primarily focus on understanding the core concepts, key features, and basic implementation scenarios of these solutions. Candidates should be prepared to demonstrate their ability to identify and explain the purpose of various Microsoft Identity and Access Management tools and how they contribute to an organization's overall security posture.
Microsoft Security Solutions encompass a wide range of tools and services designed to protect organizations from various cybersecurity threats. These solutions include Microsoft Defender for Cloud, Microsoft 365 Defender, Microsoft Sentinel, and Azure Active Directory (Azure AD). Microsoft Defender for Cloud provides cloud security posture management and workload protection for multi-cloud and hybrid environments. Microsoft 365 Defender offers an integrated suite of security tools for email, endpoints, identity, and cloud apps. Microsoft Sentinel is a cloud-native SIEM and SOAR solution that provides intelligent security analytics across the enterprise. Azure AD delivers comprehensive identity and access management capabilities, including multi-factor authentication and conditional access.
This topic is crucial to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it forms a significant part of the "Describe the capabilities of Microsoft security solutions" domain. Understanding these security solutions is essential for candidates to grasp how Microsoft addresses various security challenges in modern IT environments. This knowledge serves as a foundation for comprehending more advanced security concepts and implementations in the Microsoft ecosystem.
Candidates can expect several types of questions on this topic in the SC-900 exam:
- Multiple-choice questions testing knowledge of specific features and capabilities of each security solution
- Scenario-based questions asking candidates to identify the most appropriate Microsoft security solution for a given situation
- True/false questions to assess understanding of the basic concepts and functionalities of these security tools
- Matching questions that require linking security solutions to their primary functions or use cases
The depth of knowledge required will typically focus on foundational understanding rather than in-depth technical details. Candidates should be familiar with the main features, benefits, and use cases of each Microsoft security solution, as well as how they integrate with each other to provide comprehensive security coverage.
Microsoft Compliance Solutions are designed to help organizations manage and protect their data, meet regulatory requirements, and mitigate risks. These solutions include tools for data governance, information protection, insider risk management, and compliance management. Key features include data classification, data loss prevention (DLP), eDiscovery, audit capabilities, and compliance score assessment. Microsoft Compliance Solutions also provide capabilities for managing retention policies, implementing ethical walls, and conducting communication compliance monitoring.
This topic is crucial to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it forms a significant part of the compliance pillar. Understanding these capabilities is essential for candidates to grasp how organizations can maintain regulatory compliance and protect sensitive information using Microsoft's tools. It ties into broader concepts of data protection, risk management, and governance, which are fundamental to the overall security and compliance framework covered in the exam.
Candidates can expect the following types of questions on this topic:
- Multiple-choice questions testing knowledge of specific compliance solution features (e.g., "Which Microsoft Compliance solution is used for data classification and labeling?")
- Scenario-based questions where candidates must identify the appropriate compliance solution for a given business requirement (e.g., "A company needs to monitor internal communications for potential policy violations. Which Microsoft Compliance solution should they use?")
- True/false questions about the capabilities of various compliance tools
- Questions that require matching compliance solutions to their primary functions or use cases
The depth of knowledge required will typically focus on understanding the core capabilities and use cases of each compliance solution, rather than detailed configuration steps. Candidates should be prepared to demonstrate a broad understanding of how these tools work together to create a comprehensive compliance strategy.
Microsoft Entra (formerly Azure Active Directory) is a comprehensive identity and access management service that forms the foundation of Microsoft's identity solutions. It provides capabilities for managing user identities, controlling access to resources, and implementing security measures across cloud and on-premises environments. Key features of Microsoft Entra include single sign-on (SSO), multi-factor authentication (MFA), conditional access policies, and identity protection. It also offers tools for managing privileged identities, monitoring identity-related risks, and ensuring compliance with various regulations.
This topic is crucial to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it covers one of the core pillars of Microsoft's security framework. Understanding Microsoft Entra's capabilities is essential for implementing effective identity and access management strategies, which are fundamental to securing modern IT environments. This knowledge directly relates to the exam's focus on identity and access management principles and practices within the Microsoft ecosystem.
Candidates can expect various types of questions on this topic in the SC-900 exam:
- Multiple-choice questions testing knowledge of Microsoft Entra's features and capabilities
- Scenario-based questions asking candidates to identify the most appropriate Microsoft Entra solution for a given security or access management challenge
- True/false questions about the functionalities and benefits of Microsoft Entra
- Questions comparing Microsoft Entra to other identity and access management solutions
- Questions on how Microsoft Entra integrates with other Microsoft security services and products
The depth of knowledge required will typically focus on understanding the core concepts, key features, and basic implementation scenarios of Microsoft Entra, rather than in-depth technical configurations or advanced troubleshooting.
Big Data Analysis and Processing is not a specific topic covered in the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This exam focuses on foundational concepts related to security, compliance, and identity in Microsoft 365 and Azure environments. While data analysis and processing are important in various IT fields, they are not core components of this particular certification.
The SC-900 exam primarily covers topics such as security principles, compliance concepts, identity and access management, and Microsoft security solutions. It does not delve into big data analysis or processing techniques.
Given that Big Data Analysis and Processing is not part of the SC-900 exam content, it does not directly relate to the overall exam or study guide. Candidates should focus on the core areas outlined in the official exam objectives, which include:
- Describing the concepts of security, compliance, and identity
- Explaining the capabilities of Microsoft identity and access management solutions
- Describing the capabilities of Microsoft security solutions
- Describing the capabilities of Microsoft compliance solutions
As Big Data Analysis and Processing is not included in the SC-900 exam, candidates should not expect to encounter questions specifically related to this topic. Instead, they should prepare for questions on the following areas:
- Multiple-choice questions on security concepts, compliance principles, and identity fundamentals
- Scenario-based questions that assess understanding of Microsoft 365 and Azure security features
- Questions on identity and access management solutions, such as Azure Active Directory
- Questions about Microsoft compliance tools and features, including information protection and data governance
Candidates should focus their study efforts on the official exam objectives and Microsoft documentation related to security, compliance, and identity in Microsoft 365 and Azure environments.
Setup & Configuration in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) primarily focuses on the initial steps and processes involved in implementing Microsoft 365 and Azure security solutions. This includes configuring basic security settings, setting up user accounts and permissions, and establishing baseline security policies. Key sub-topics include Azure Active Directory setup, configuring multi-factor authentication, implementing conditional access policies, and setting up basic threat protection features in Microsoft 365 Defender.
This topic is crucial to the overall SC-900 exam as it forms the foundation for understanding how to implement and manage Microsoft's security solutions. It relates directly to the exam's objectives of demonstrating knowledge of security, compliance, and identity concepts in cloud-based and related Microsoft services. Mastering setup and configuration is essential for candidates to grasp how these solutions work together to create a comprehensive security framework.
Candidates can expect the following types of questions on this topic:
- Multiple-choice questions testing knowledge of specific setup steps or configuration options
- Scenario-based questions asking candidates to identify the correct setup or configuration approach for a given situation
- True/false questions about the capabilities and limitations of various setup and configuration options
- Questions requiring candidates to order steps in the correct sequence for setting up a particular feature or service
The depth of knowledge required will typically focus on understanding the basic concepts and general processes rather than detailed, step-by-step procedures. Candidates should be familiar with the main features and settings available in Azure AD, Microsoft 365 Defender, and related services, as well as their purpose and impact on overall security posture.
Performance optimization is not a primary focus of the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This certification is designed to cover the foundational concepts of security, compliance, and identity in Microsoft 365 and Azure environments. While performance optimization can be indirectly related to security and compliance, it is not explicitly covered in the exam objectives.
Instead of performance optimization, the SC-900 exam focuses on topics such as security concepts, Microsoft identity and access management solutions, security capabilities of Azure, and compliance management in Microsoft. Candidates should concentrate on understanding these core areas rather than specific performance optimization techniques.
Although performance optimization is not a central topic in the SC-900 exam, it indirectly relates to the overall exam content in the following ways:
- Security measures can sometimes impact system performance, so understanding the balance between security and performance is important.
- Efficient identity and access management solutions can contribute to better overall system performance.
- Compliance requirements may influence how systems are configured, which can affect performance.
Given that performance optimization is not a primary focus of the SC-900 exam, candidates are unlikely to encounter direct questions on this topic. However, they may come across related concepts in the following ways:
- Multiple-choice questions about the impact of security measures on system functionality.
- Scenario-based questions that require understanding the balance between security, compliance, and system efficiency.
- Questions about best practices for implementing identity and access management solutions, which may touch on performance considerations.
Candidates should focus their study efforts on the core topics outlined in the official exam objectives, such as security concepts, Microsoft identity and access management solutions, and compliance management in Microsoft environments.
Proof of Concept (PoC) Planning is an essential step in implementing security solutions within an organization. It involves creating a small-scale, preliminary project to demonstrate the feasibility and potential benefits of a proposed security solution before full-scale implementation. In the context of Microsoft security solutions, PoC planning typically includes defining objectives, identifying key stakeholders, selecting appropriate tools and technologies, and establishing success criteria. This process helps organizations evaluate the effectiveness of security measures, identify potential challenges, and make informed decisions about larger-scale deployments.
This topic relates to the overall Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam by emphasizing the importance of strategic planning and evaluation in implementing security solutions. Understanding PoC planning is crucial for candidates as it demonstrates their ability to approach security implementations methodically and assess their potential impact on an organization's security posture. This knowledge is particularly relevant to the exam's focus on describing the concepts of security, compliance, and identity within the Microsoft ecosystem.
Candidates can expect the following types of questions regarding Proof of Concept Planning in the SC-900 exam:
- Multiple-choice questions testing knowledge of PoC planning steps and best practices
- Scenario-based questions asking candidates to identify appropriate PoC strategies for given security implementation scenarios
- Questions assessing the ability to recognize the benefits and limitations of PoC in security solution deployment
- True/false questions on the purpose and scope of PoC planning in security implementations
The depth of knowledge required will typically focus on fundamental understanding and recognition of PoC planning concepts, rather than in-depth technical details or implementation specifics.
Network Security is a crucial component of Microsoft's security framework, focusing on protecting network infrastructure and data in transit. It encompasses various technologies and practices such as firewalls, network segmentation, and secure protocols. In the context of Microsoft's cloud services, Network Security includes Azure Firewall, Network Security Groups (NSGs), and Azure DDoS Protection. These tools help organizations control network traffic, prevent unauthorized access, and protect against various network-based threats. Additionally, Network Security involves implementing secure connectivity solutions like VPNs and ExpressRoute for safe communication between on-premises networks and cloud resources.
This topic is integral to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it forms a core part of Microsoft's security offerings. Understanding Network Security principles and tools is essential for candidates to grasp how Microsoft protects its cloud infrastructure and helps organizations secure their networks. It relates closely to other exam topics such as cloud security concepts, identity and access management, and compliance features, as network security often serves as the first line of defense in a comprehensive security strategy.
Candidates can expect the following types of questions on Network Security in the SC-900 exam:
- Multiple-choice questions testing knowledge of key Network Security concepts and Microsoft-specific tools (e.g., Azure Firewall, NSGs).
- Scenario-based questions that require candidates to identify appropriate Network Security solutions for given situations.
- True/False questions to assess understanding of Network Security principles and best practices.
- Questions that ask candidates to match Network Security features with their corresponding functions or benefits.
The depth of knowledge required will be at a foundational level, focusing on understanding core concepts and the basic functionality of Microsoft's Network Security tools rather than in-depth configuration or troubleshooting.
5G Use Cases and Applications is not a topic directly covered in the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This exam focuses on Microsoft's security, compliance, and identity solutions, rather than specific network technologies like 5G. The SC-900 exam covers topics such as Azure Active Directory, Microsoft 365 security features, compliance management, and information protection.
While 5G technology is not part of the SC-900 exam content, understanding modern network technologies and their security implications can be beneficial for overall cybersecurity knowledge. However, candidates should focus on the core topics outlined in the official exam objectives, which include Microsoft's cloud-based security and compliance solutions.
As 5G Use Cases and Applications is not part of the SC-900 exam, candidates should not expect direct questions on this topic. Instead, they should prepare for questions related to:
- Azure Active Directory concepts and features
- Microsoft 365 security capabilities
- Azure security features
- Information protection and governance in Microsoft 365
- Security management capabilities of Azure
- Microsoft compliance management solutions
Questions in the SC-900 exam are typically multiple-choice and scenario-based, focusing on practical applications of Microsoft's security, compliance, and identity solutions in real-world situations. Candidates should be prepared to demonstrate their understanding of these technologies and how they can be used to protect organizations' data and resources in cloud and hybrid environments.
The topic "Practical 5G RAN Implementation" is not directly related to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This exam focuses on foundational concepts in security, compliance, and identity within the Microsoft ecosystem, rather than specific telecommunications technologies like 5G. However, I can provide information on a relevant topic from the SC-900 exam syllabus.
A more appropriate topic for the SC-900 exam would be "Azure Active Directory (Azure AD) Concepts." Azure AD is Microsoft's cloud-based identity and access management service. It enables users to sign in and access resources in external resources like Microsoft 365 and internal resources like apps on your corporate network. Azure AD provides features such as single sign-on (SSO), multi-factor authentication (MFA), and conditional access policies to enhance security and user experience.
Azure Active Directory is a crucial component of the SC-900 exam as it relates to the identity and access management aspects of Microsoft's security framework. Understanding Azure AD is essential for implementing secure authentication and authorization processes in cloud and hybrid environments. This topic ties into broader concepts of identity protection, access management, and security in the Microsoft ecosystem, which are core focuses of the SC-900 exam.
For the SC-900 exam, candidates can expect the following types of questions related to Azure Active Directory:
- Multiple-choice questions testing knowledge of Azure AD features and capabilities
- Scenario-based questions asking candidates to identify the appropriate Azure AD solution for a given security or access management challenge
- True/false questions about Azure AD concepts and best practices
- Questions comparing Azure AD to on-premises Active Directory and discussing hybrid identity scenarios
- Questions about integrating Azure AD with other Microsoft security services and third-party applications
Candidates should be prepared to demonstrate a foundational understanding of Azure AD concepts, its role in the Microsoft security ecosystem, and how it addresses common identity and access management challenges in modern organizations.
Storage and Data Protection in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) encompasses the various methods and technologies used to secure and manage data within Microsoft's cloud ecosystem. This includes Azure Storage services, which provide secure and scalable cloud storage solutions for various data types. Key aspects of this topic include data encryption at rest and in transit, access control mechanisms like Azure Active Directory (Azure AD) and Shared Access Signatures (SAS), and data backup and recovery options. Additionally, candidates should understand Azure Information Protection (AIP) for classifying and protecting sensitive data, as well as Azure Key Vault for securely storing and managing cryptographic keys and secrets.
This topic is crucial to the overall SC-900 exam as it forms a fundamental part of Microsoft's security and compliance offerings. Understanding storage and data protection is essential for implementing a comprehensive security strategy in cloud environments. It relates closely to other exam topics such as identity and access management, compliance management, and security management. Candidates need to grasp how these various components work together to create a robust security posture for organizations using Microsoft cloud services.
For the SC-900 exam, candidates can expect questions on Storage and Data Protection in various formats:
- Multiple-choice questions testing knowledge of Azure Storage services and their security features
- Scenario-based questions asking candidates to identify appropriate data protection measures for given situations
- True/false questions about data encryption methods and their applications
- Questions on Azure Information Protection and its role in data classification and protection
- Conceptual questions about the importance of data backup and recovery in cloud environments
The depth of knowledge required will be at a foundational level, focusing on understanding key concepts and their applications rather than deep technical implementation details. Candidates should be prepared to demonstrate their understanding of how these technologies contribute to overall data security and compliance in Microsoft cloud environments.
Fraud Prevention and Deterrence is a crucial aspect of security in Microsoft's cloud services. It involves implementing measures to detect, prevent, and respond to fraudulent activities that could compromise the integrity of data and systems. Microsoft employs various technologies and strategies, such as Azure AD Identity Protection, which uses machine learning algorithms to identify and mitigate risks associated with user identities. Additionally, Microsoft Defender for Cloud Apps provides advanced threat detection capabilities to identify suspicious activities and potential fraud attempts across cloud applications.
This topic is integral to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it falls under the broader category of security principles and best practices in cloud environments. Understanding fraud prevention and deterrence mechanisms is essential for maintaining a robust security posture in Microsoft's cloud ecosystem. It directly relates to other exam topics such as identity and access management, threat protection, and security management.
Candidates can expect the following types of questions on this topic in the SC-900 exam:
- Multiple-choice questions testing knowledge of specific fraud prevention features in Microsoft services
- Scenario-based questions requiring candidates to identify appropriate fraud prevention measures for given situations
- True/false questions about the capabilities and limitations of Microsoft's fraud prevention technologies
- Questions assessing understanding of how fraud prevention integrates with other security features in the Microsoft cloud ecosystem
The depth of knowledge required will typically focus on foundational concepts and general awareness of Microsoft's fraud prevention capabilities, rather than in-depth technical details or implementation specifics.
Implementing Responsible AI Governance and Risk Management is a crucial aspect of Microsoft's approach to artificial intelligence. This topic focuses on the ethical and responsible development and deployment of AI systems. It encompasses principles such as fairness, reliability, safety, privacy, security, inclusiveness, transparency, and accountability. Microsoft's AI governance framework includes guidelines for AI design, development, and deployment, ensuring that AI systems are built and used in ways that respect human rights, protect privacy, and promote fairness. Risk management in AI involves identifying potential risks associated with AI systems, such as bias, data privacy breaches, or unintended consequences, and implementing measures to mitigate these risks.
This topic is significant within the broader context of the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) certification as it aligns with Microsoft's commitment to responsible and ethical technology use. Understanding AI governance and risk management is essential for professionals working with Microsoft's cloud and AI services, as it ensures compliance with regulations and best practices. This knowledge is crucial for maintaining trust in AI systems and protecting organizations from potential legal and reputational risks associated with AI implementation.
Candidates can expect the following types of questions on this topic in the SC-900 exam:
- Multiple-choice questions testing knowledge of Microsoft's AI principles and governance framework
- Scenario-based questions presenting AI implementation situations and asking candidates to identify potential risks or appropriate governance measures
- Questions about specific tools or features in Microsoft's AI services that support responsible AI practices
- True/false questions on statements related to AI ethics and risk management
- Questions requiring candidates to match AI governance principles with their corresponding descriptions or examples
The depth of knowledge required will typically focus on fundamental understanding and awareness of responsible AI concepts, rather than in-depth technical implementation details. Candidates should be familiar with Microsoft's AI principles, basic risk management concepts in AI, and general best practices for ethical AI development and deployment.
I apologize, but there seems to be a misunderstanding. The topic "ABAP SQL and code pushdown" is not relevant to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This exam focuses on Microsoft's security, compliance, and identity solutions, not on SAP ABAP programming concepts.
The SC-900 exam covers topics such as:
- Concepts of security, compliance, and identity
- Microsoft identity and access management solutions
- Microsoft security solutions
- Microsoft compliance solutions
If you'd like information on a specific topic within the SC-900 exam scope, please provide a relevant topic, and I'd be happy to assist you with exam preparation guidance for the Microsoft Security, Compliance, and Identity Fundamentals certification.
I apologize, but there seems to be a mismatch between the exam information provided and the topic requested. The exam name and code (Microsoft Security, Compliance, and Identity Fundamentals SC-900) are not related to SAP S/4HANA User Experience. The SC-900 exam focuses on Microsoft's security, compliance, and identity solutions, while SAP S/4HANA is an enterprise resource planning software suite.
To provide an accurate and helpful response, I would need the correct exam information that aligns with the SAP S/4HANA User Experience topic. If you'd like information about the Microsoft SC-900 exam, I'd be happy to provide that instead. Alternatively, if you have the correct exam details for an SAP-related certification, please provide those, and I'll be glad to assist you with the requested information about SAP S/4HANA User Experience in that context.
Inventory Management and Physical Inventory are essential components of asset management in the context of security and compliance. In Microsoft 365, inventory management involves tracking and managing both physical and digital assets across an organization's environment. This includes hardware devices, software licenses, and cloud resources. Physical inventory specifically refers to the process of cataloging and monitoring tangible assets such as computers, servers, and mobile devices. These practices are crucial for maintaining security, ensuring compliance, and optimizing resource allocation within an organization.
This topic relates to the overall Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam by addressing the fundamental concepts of asset management and security. Understanding inventory management and physical inventory is crucial for implementing effective security measures, maintaining compliance with regulations, and managing identities across an organization's infrastructure. It ties into broader themes of the exam, such as security management, compliance practices, and identity and access management in Microsoft 365 and Azure environments.
Candidates can expect the following types of questions regarding Inventory Management and Physical Inventory on the SC-900 exam:
- Multiple-choice questions testing knowledge of inventory management concepts and best practices in Microsoft 365 and Azure.
- Scenario-based questions that require candidates to identify appropriate inventory management solutions for given organizational needs.
- Questions about the benefits and importance of maintaining accurate physical inventory in the context of security and compliance.
- Multiple-choice questions on tools and features available in Microsoft 365 and Azure for managing inventory and tracking assets.
- Questions that assess understanding of how inventory management relates to other security and compliance practices covered in the exam.
Physical Security and Safety in the context of the Microsoft Security, Compliance, and Identity Fundamentals exam (SC-900) refers to the measures and practices implemented to protect physical assets, data centers, and personnel from unauthorized access, theft, and environmental hazards. This includes aspects such as access control systems, surveillance cameras, security personnel, fire suppression systems, and disaster recovery plans. Microsoft's approach to physical security involves multiple layers of protection, including biometric access controls, 24/7 video surveillance, and strict visitor management protocols. Additionally, Microsoft implements environmental controls to maintain optimal conditions for their data centers, such as temperature and humidity regulation, and redundant power supplies to ensure continuous operation.
This topic is crucial to the overall exam as it forms part of the foundation for understanding Microsoft's comprehensive approach to security. While the SC-900 exam primarily focuses on cloud-based security concepts, physical security is an essential component of the overall security posture. Understanding physical security measures helps candidates appreciate the multi-layered approach to protecting data and resources, which is a key principle in Microsoft's security strategy. It also provides context for how cloud security builds upon and extends traditional security practices.
Candidates can expect the following types of questions related to Physical Security and Safety on the SC-900 exam:
- Multiple-choice questions asking to identify key components of Microsoft's physical security measures
- Scenario-based questions where candidates must determine the appropriate physical security controls for a given situation
- True/False questions about Microsoft's data center security practices
- Questions that require matching physical security controls with their primary functions or benefits
The depth of knowledge required for this topic is generally at an awareness level. Candidates should be familiar with basic physical security concepts and Microsoft's overall approach, but detailed technical knowledge of specific security systems is not expected. Questions will likely focus on understanding the importance of physical security in the broader context of information security and how it complements cloud-based security measures.
The "Introduction to Development" topic in the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam focuses on the fundamental concepts of secure application development and DevOps practices. This includes understanding the importance of integrating security into the software development lifecycle (SDLC), implementing secure coding practices, and utilizing tools and techniques to identify and mitigate vulnerabilities in applications. Candidates should be familiar with basic principles such as input validation, error handling, and secure data storage. Additionally, this topic covers the concept of DevSecOps, which emphasizes the integration of security practices throughout the development and operations processes.
This topic is crucial to the overall exam as it provides a foundation for understanding how security principles are applied in the development of applications and services. It relates to other exam areas such as cloud security and compliance, as secure development practices are essential for creating and maintaining secure cloud-based solutions. Understanding these concepts is vital for anyone working in IT security, as it helps in identifying potential vulnerabilities and implementing appropriate security measures throughout the development process.
Candidates can expect the following types of questions on this topic:
- Multiple-choice questions testing knowledge of secure development principles and best practices
- Scenario-based questions that require applying secure development concepts to real-world situations
- Questions about common vulnerabilities and how to mitigate them during the development process
- Questions on the integration of security into DevOps practices (DevSecOps)
- Basic questions on secure coding practices and their importance in overall application security
The depth of knowledge required for this topic is foundational, focusing on understanding key concepts and their importance rather than deep technical implementation details. Candidates should be prepared to demonstrate a general understanding of secure development principles and their role in overall cybersecurity strategies.
Exploring and analyzing data is a crucial aspect of security, compliance, and identity management in Microsoft 365. This topic focuses on the tools and techniques used to gain insights from data collected across various Microsoft 365 services. Key components include Microsoft 365 Defender portal, which provides a centralized hub for security monitoring and threat detection, and Microsoft Sentinel, a cloud-native SIEM (Security Information and Event Management) solution. These tools allow security professionals to collect, analyze, and visualize data from multiple sources, enabling them to identify potential threats, investigate incidents, and respond to security events effectively.
This topic is integral to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it relates directly to the core concepts of security operations and threat protection. Understanding how to explore and analyze data is essential for implementing a robust security strategy and maintaining compliance within an organization. It ties into broader exam themes such as security management, threat protection, and information protection, demonstrating the interconnected nature of these concepts in modern cybersecurity practices.
Candidates can expect the following types of questions on this topic in the SC-900 exam:
- Multiple-choice questions testing knowledge of specific features and capabilities of Microsoft 365 Defender portal and Microsoft Sentinel
- Scenario-based questions that present a security incident and ask candidates to identify the most appropriate tool or approach for investigating and analyzing the data
- Questions about the types of data sources that can be connected to Microsoft Sentinel for analysis
- Conceptual questions on the benefits of centralized data exploration and analysis in a security context
- Questions on basic data visualization techniques and their application in security monitoring
The depth of knowledge required will be at a foundational level, focusing on understanding key concepts and use cases rather than advanced configuration or implementation details.
Analyzing Business Performance is not a specific topic covered in the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This exam focuses on foundational concepts related to security, compliance, and identity in Microsoft 365 and Azure environments. The exam covers topics such as security and compliance principles, Microsoft identity and access management solutions, and Microsoft security and compliance solutions.
While business performance analysis is not directly addressed in this exam, understanding security and compliance concepts can indirectly contribute to improving business performance by protecting assets, ensuring regulatory compliance, and enhancing productivity through secure identity and access management.
The SC-900 exam relates more closely to topics such as:
- Concepts of security, compliance, and identity
- Capabilities of Microsoft identity and access management solutions
- Capabilities of Microsoft security solutions
- Capabilities of Microsoft compliance solutions
Candidates preparing for the SC-900 exam should focus on these areas rather than business performance analysis. The exam aims to validate foundational knowledge of security, compliance, and identity concepts in Microsoft cloud-based and related services.
As "Analyze Business Performance" is not a topic covered in the SC-900 exam, candidates should not expect to encounter questions specifically related to this subject. Instead, they should prepare for questions on the core topics mentioned above. The exam typically includes multiple-choice questions, case studies, and scenario-based questions that test understanding of security, compliance, and identity concepts in Microsoft environments.
Insurance in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) primarily refers to cyber insurance and its role in an organization's overall security strategy. Cyber insurance is a type of coverage that helps protect businesses from financial losses due to cybersecurity incidents, such as data breaches, ransomware attacks, or other cyber threats. It typically covers expenses related to incident response, legal fees, customer notifications, and potential regulatory fines. While not a direct security measure, cyber insurance is an important component of a comprehensive risk management approach, complementing technical and operational security controls.
This topic relates to the overall SC-900 exam by emphasizing the importance of a holistic approach to security and compliance. Understanding cyber insurance helps candidates grasp the financial implications of security incidents and the need for a multi-layered defense strategy. It aligns with the exam's focus on risk management, compliance, and governance principles within the Microsoft ecosystem. While not a primary focus, knowledge of cyber insurance contributes to a well-rounded understanding of security fundamentals.
Candidates can expect questions on this topic to be relatively high-level and conceptual. Potential question types include:
- Multiple-choice questions asking about the purpose and benefits of cyber insurance
- Scenario-based questions where candidates must identify situations where cyber insurance would be beneficial
- True/false statements about the coverage provided by typical cyber insurance policies
- Questions that ask candidates to differentiate between security measures covered by insurance and those that are not
The depth of knowledge required for this topic is generally introductory, focusing on basic concepts and principles rather than specific policy details or complex risk calculations.
I apologize, but there seems to be a misunderstanding. The topic "Einstein Discovery Story Design" is not part of the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This topic is typically associated with Salesforce Einstein Analytics, which is a different technology and certification.
The SC-900 exam focuses on fundamental concepts of security, compliance, and identity across cloud-based and related Microsoft services. It covers topics such as Microsoft Azure Active Directory, Microsoft Security Solutions, Microsoft Compliance Solutions, and Microsoft Identity and Access Management Solutions.
To provide accurate information for exam preparation, it would be best to choose a topic that is actually part of the SC-900 exam syllabus. Some examples of relevant topics for this exam include:
- Azure Active Directory concepts
- Microsoft Defender for Cloud
- Microsoft 365 Defender
- Microsoft Sentinel
- Microsoft Compliance Manager
- Information Protection and Governance
- Identity and Access Management concepts
If you'd like information on one of these topics or another specific topic from the SC-900 exam, please let me know, and I'd be happy to provide a detailed explanation and exam preparation guidance.
Tools and Code Analysis in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) primarily focuses on understanding the various tools and techniques used to analyze and secure code in Microsoft's cloud and hybrid environments. This includes tools for vulnerability scanning, static and dynamic code analysis, and security testing. Candidates should be familiar with Microsoft-specific tools such as Azure Security Center, Microsoft Defender for Cloud, and Azure DevOps, as well as general concepts of secure coding practices and how they apply to Microsoft's ecosystem.
This topic relates closely to the overall exam content by emphasizing the importance of security in software development and deployment within Microsoft's cloud services. It ties into broader themes of threat protection, security management, and compliance, which are central to the SC-900 certification. Understanding tools and code analysis is crucial for implementing a comprehensive security strategy in Microsoft environments, making it an essential component of the exam's focus on foundational security concepts.
Candidates can expect the following types of questions on this topic:
- Multiple-choice questions testing knowledge of specific Microsoft security tools and their functions
- Scenario-based questions asking candidates to identify the most appropriate tool or analysis technique for a given security situation
- True/false questions about the capabilities and limitations of various code analysis tools
- Questions requiring candidates to match security tools with their primary use cases or features
- Conceptual questions about the importance of code analysis in the overall security posture of an organization
The depth of knowledge required will be at a foundational level, consistent with the "Fundamentals" nature of the exam. Candidates should have a basic understanding of the tools and their purposes, rather than in-depth technical knowledge of their implementation.
Execution is a critical phase in the cybersecurity attack lifecycle, where threat actors attempt to run malicious code or commands on a target system. This stage typically follows successful initial access and often involves techniques like running scripts, exploiting vulnerabilities, or leveraging legitimate system tools for malicious purposes. Execution can lead to data theft, system compromise, or further lateral movement within a network. Understanding execution techniques is crucial for security professionals to implement effective detection and prevention measures.
In the context of the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam, the topic of execution falls under the broader category of security threats and attack methods. It is essential for candidates to understand various execution techniques, their potential impact, and how Microsoft security solutions can help detect and prevent such activities. This knowledge is crucial for implementing effective security measures and understanding the importance of features like Microsoft Defender for Endpoint and Azure Security Center in protecting against execution-based attacks.
Candidates can expect the following types of questions related to execution on the SC-900 exam:
- Multiple-choice questions testing knowledge of common execution techniques and their characteristics
- Scenario-based questions describing a potential execution attack and asking candidates to identify the most appropriate Microsoft security solution to mitigate the risk
- True/false questions about the capabilities of specific Microsoft security features in detecting and preventing execution-based attacks
- Questions that require candidates to match execution techniques with their corresponding mitigation strategies or Microsoft security tools
The depth of knowledge required will typically focus on fundamental understanding rather than advanced technical details, in line with the "Fundamentals" nature of the SC-900 exam.
Configuring cluster networking and network security is not a specific topic covered in the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This exam focuses on foundational concepts related to security, compliance, and identity in Microsoft 365 and Azure environments. The exam does not delve into advanced networking configurations or cluster-specific topics.
While networking and security are important aspects of the SC-900 exam, they are covered at a more general level. The exam includes topics such as basic network security principles, Azure network security features, and identity and access management concepts. Candidates should focus on understanding fundamental security concepts, compliance frameworks, and identity solutions within the Microsoft ecosystem.
Although cluster networking is not directly addressed in the SC-900 exam, candidates should be familiar with the following related topics:
- Basic network security principles
- Azure network security features
- Identity and access management concepts
- Microsoft 365 security features
- Azure Active Directory (Azure AD) capabilities
Questions in the SC-900 exam typically focus on foundational knowledge and understanding of security, compliance, and identity concepts. Candidates can expect:
- Multiple-choice questions testing knowledge of key terms and concepts
- Scenario-based questions that assess the ability to apply security and compliance principles in real-world situations
- Questions about Microsoft 365 and Azure security features and their basic functionality
- Questions on compliance regulations and Microsoft's compliance offerings
- Identity and access management scenarios using Azure AD and related technologies
The topic "Deploy and Configure Firewalls Using Panorama" is not directly related to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. Panorama is a management platform for Palo Alto Networks firewalls, which is not part of the Microsoft ecosystem covered in this certification. The SC-900 exam focuses on Microsoft's security, compliance, and identity solutions, including Azure Active Directory, Microsoft 365 Defender, and Microsoft Compliance Manager.
Instead, the SC-900 exam covers topics related to Microsoft's cloud-based security solutions, such as Azure Firewall and Network Security Groups. These tools are used to protect Azure virtual networks and resources, control network traffic, and implement security policies in Microsoft's cloud environment.
This topic is not directly relevant to the overall SC-900 exam content. The exam focuses on foundational concepts of security, compliance, and identity in Microsoft's cloud services. While network security is an important aspect, the exam does not delve into specific third-party firewall management tools like Panorama. Instead, candidates should focus on understanding Microsoft's native security features and services within Azure and Microsoft 365.
As this topic is not part of the SC-900 exam, candidates should not expect questions specifically about deploying and configuring firewalls using Panorama. However, they may encounter questions related to:
- Basic concepts of network security and firewalls in cloud environments
- Azure Firewall features and capabilities
- Configuring Network Security Groups in Azure
- Implementing security policies in Microsoft 365 and Azure
Integrations in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) refer to the ability of Microsoft's security solutions to work seamlessly with other Microsoft services and third-party applications. This includes integrations between Azure Active Directory (Azure AD) and various cloud applications, as well as connections between Microsoft 365 security features and external security tools. Key integrations include Single Sign-On (SSO) capabilities, which allow users to access multiple applications with a single set of credentials, and the ability to connect Microsoft Defender for Cloud with other security information and event management (SIEM) systems.
This topic is crucial to the overall SC-900 exam as it demonstrates the interconnected nature of Microsoft's security ecosystem. Understanding integrations helps candidates grasp how different security components work together to provide a comprehensive security solution. It also highlights the flexibility and extensibility of Microsoft's security offerings, which is a key selling point for organizations looking to implement or enhance their security posture.
Candidates can expect several types of questions related to integrations on the SC-900 exam:
- Multiple-choice questions asking about the benefits of specific integrations, such as SSO or SIEM connections.
- Scenario-based questions where candidates must identify the most appropriate integration solution for a given business requirement.
- True/false questions testing knowledge of which Microsoft services can be integrated with specific third-party applications.
- Questions about the steps required to set up common integrations, though these will likely be high-level rather than detailed configuration steps.
The depth of knowledge required for this topic is generally foundational, focusing on understanding the concepts and benefits of integrations rather than detailed implementation procedures.
Retail Sales is not a specific topic covered in the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam. This certification focuses on foundational concepts related to security, compliance, and identity in Microsoft cloud services. While retail sales may involve aspects of security and compliance, it is not a core component of this particular exam.
The SC-900 exam covers topics such as security concepts, Microsoft identity and access management solutions, security capabilities of Azure, and compliance features in Microsoft 365. These areas are more relevant to understanding how to protect digital assets, manage user identities, and ensure regulatory compliance in cloud environments.
Since Retail Sales is not directly related to the SC-900 exam content, candidates should focus their study efforts on the following key areas:
- Security, compliance, and identity concepts
- Microsoft Azure Active Directory capabilities
- Azure security features
- Microsoft 365 security and compliance solutions
While there are no specific questions about Retail Sales on the SC-900 exam, candidates may encounter scenario-based questions that involve securing retail environments or protecting customer data. These questions would likely focus on applying security and compliance principles to various business scenarios, including retail.
Candidates can expect multiple-choice questions, case studies, and scenario-based questions that test their understanding of security, compliance, and identity concepts in Microsoft cloud services. The exam will assess knowledge of basic principles and the ability to apply them in real-world situations across various industries, potentially including retail environments.
Zero Trust (ZT) Implementation is a crucial security approach in modern cybersecurity. It operates on the principle of "never trust, always verify," assuming that no user, device, or network should be automatically trusted, regardless of their location or ownership. ZT Implementation involves continuously authenticating and authorizing access requests, monitoring network traffic, and enforcing least-privilege access. Key components include multi-factor authentication, micro-segmentation, and continuous monitoring. Microsoft's approach to ZT implementation encompasses identity protection, device security, application security, network security, infrastructure security, and data security.
This topic is fundamental to the Microsoft Security, Compliance, and Identity Fundamentals (SC-900) exam as it represents a core principle in Microsoft's security strategy. Understanding ZT Implementation is crucial for candidates as it underpins many of Microsoft's security solutions and practices. It relates closely to other exam topics such as identity and access management, threat protection, and information protection. Mastering this concept will provide candidates with a solid foundation for comprehending Microsoft's overall security framework and specific security features across various Microsoft services.
In the SC-900 exam, candidates can expect questions on ZT Implementation in various formats:
- Multiple-choice questions testing knowledge of ZT principles and components
- Scenario-based questions asking candidates to identify appropriate ZT measures in given situations
- True/false questions about ZT implementation best practices
- Questions comparing ZT to traditional security models
- Questions on how ZT principles are applied in specific Microsoft services (e.g., Azure AD, Microsoft 365)
The depth of knowledge required will be at a foundational level, focusing on understanding core concepts and their practical applications rather than deep technical details.
Implementation Strategies in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) refer to the approaches and methods organizations can use to deploy and manage Microsoft security solutions effectively. This topic covers various aspects such as planning, deployment models, and best practices for implementing Microsoft 365, Azure AD, and other security services. Key sub-topics include cloud-only vs. hybrid implementations, staged rollouts, pilot programs, and considerations for different organization sizes and industries. Understanding implementation strategies is crucial for ensuring successful adoption and maximizing the benefits of Microsoft's security, compliance, and identity solutions.
This topic is integral to the overall SC-900 exam as it bridges the gap between theoretical knowledge of Microsoft's security offerings and their practical application in real-world scenarios. It relates closely to other exam areas such as security concepts, compliance principles, and identity management. Understanding implementation strategies helps candidates grasp how organizations can effectively leverage Microsoft's solutions to address their specific security and compliance needs. This knowledge is essential for IT professionals who may be involved in planning or supporting the deployment of these solutions in their organizations.
Candidates can expect the following types of questions regarding Implementation Strategies on the SC-900 exam:
- Multiple-choice questions testing knowledge of different implementation models (e.g., cloud-only vs. hybrid)
- Scenario-based questions asking candidates to identify the most appropriate implementation strategy for a given organization's needs
- Questions about best practices for staged rollouts and pilot programs
- Multiple-choice or true/false questions on considerations for implementing security solutions in different industries or organization sizes
- Questions requiring candidates to match implementation steps or strategies with specific Microsoft security services
The depth of knowledge required will typically focus on fundamental understanding and recognition of key concepts rather than in-depth technical details. Candidates should be prepared to demonstrate their ability to apply basic implementation principles to various scenarios and understand the benefits and challenges of different implementation approaches.
Triggered Campaigns in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) refer to automated security responses initiated by specific events or conditions within an organization's IT environment. These campaigns are part of Microsoft Defender for Office 365's threat protection features. When a predefined trigger occurs, such as a suspicious email or a potential malware detection, the system automatically launches a series of actions to investigate, contain, and mitigate the threat. Triggered campaigns can include actions like isolating affected devices, blocking suspicious IP addresses, or initiating additional scans across the network.
This topic relates to the overall SC-900 exam by demonstrating Microsoft's approach to proactive security measures in cloud-based environments. It falls under the broader category of security management and automation, which is a key focus area in modern cybersecurity practices. Understanding triggered campaigns helps candidates grasp how Microsoft's security solutions work to protect organizations from evolving threats in real-time, aligning with the exam's emphasis on cloud security and threat protection strategies.
Candidates can expect the following types of questions regarding Triggered Campaigns on the SC-900 exam:
- Multiple-choice questions asking to identify the primary purpose or benefits of triggered campaigns in Microsoft Defender for Office 365.
- Scenario-based questions describing a security incident and asking candidates to determine which type of triggered campaign would be most appropriate to respond to the threat.
- True/false questions about the capabilities and limitations of triggered campaigns within Microsoft's security ecosystem.
- Questions that require candidates to order the steps in a typical triggered campaign process.
The depth of knowledge required will typically focus on understanding the concept, its place within Microsoft's security offerings, and basic implementation scenarios rather than deep technical details or configuration steps.
The Development of Architecture in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) refers to the process of designing and implementing secure, compliant, and identity-aware solutions using Microsoft's cloud services. This topic covers the fundamental principles of creating a robust architecture that addresses security concerns, ensures compliance with regulations, and manages identities effectively. Key sub-topics include understanding the shared responsibility model in cloud computing, implementing defense-in-depth strategies, and designing solutions that incorporate Azure Active Directory for identity and access management.
This topic is crucial to the overall SC-900 exam as it provides the foundation for understanding how to build secure and compliant solutions using Microsoft's cloud services. It relates directly to the exam's focus on security, compliance, and identity concepts in the Microsoft cloud. Candidates need to grasp these architectural principles to effectively implement and manage Microsoft 365 and Azure services, which are core components of the certification.
Candidates can expect the following types of questions on this topic in the actual exam:
- Multiple-choice questions testing knowledge of key architectural concepts, such as the shared responsibility model or defense-in-depth strategies.
- Scenario-based questions that require candidates to identify the most appropriate architectural approach for a given security or compliance requirement.
- True/false questions to assess understanding of specific architectural principles or best practices.
- Questions that ask candidates to match architectural components with their corresponding functions or benefits.
The depth of knowledge required will typically focus on fundamental understanding rather than advanced implementation details. Candidates should be prepared to demonstrate their grasp of core concepts and their ability to apply these principles to basic scenarios.
Optimizing Service Performance in the context of Microsoft Security, Compliance, and Identity Fundamentals (SC-900) primarily focuses on ensuring that Microsoft 365 and Azure services operate efficiently and effectively. This involves understanding how to monitor service health, utilize performance metrics, and implement best practices for resource management. Key aspects include monitoring service availability, identifying and resolving performance issues, and leveraging tools like Microsoft 365 Admin Center and Azure Monitor to gain insights into service performance. Additionally, optimizing service performance encompasses understanding how to configure and manage services to meet specific organizational needs while maintaining security and compliance standards.
This topic is crucial within the broader context of the SC-900 exam as it relates to the overall management and maintenance of Microsoft's cloud services. Understanding how to optimize service performance is essential for ensuring that security and compliance measures are effectively implemented without compromising system efficiency. It ties into other exam topics such as cloud concepts, security and compliance principles, and identity and access management, as optimal service performance is integral to maintaining a secure and compliant cloud environment.
Candidates can expect the following types of questions regarding Optimizing Service Performance on the SC-900 exam:
- Multiple-choice questions testing knowledge of key performance monitoring tools and their functions
- Scenario-based questions asking candidates to identify appropriate actions to resolve specific performance issues
- Questions about best practices for configuring services to optimize performance while maintaining security
- Conceptual questions on the relationship between service performance and overall security and compliance posture
- Questions requiring interpretation of performance metrics and service health indicators
The depth of knowledge required will typically be at a foundational level, focusing on understanding core concepts and basic implementation rather than advanced troubleshooting or complex configurations.