Free · No account needed · No credit card

Microsoft Security, Compliance, and Identity Fundamentals SC-900 Practice Test

1,411 questions with instant explanations, domain breakdown, and wrong-answer analysis. Built for the real exam.

Instant feedback after each answer
Full explanations included
Domain score breakdown
Real exam: 60 min
Pass mark: 700%

Sample questions with explanations

This is exactly what you see during practice — question, options, and a full explanation after you answer.

Q1Describe the concepts of security, compliance, and identityeasy
Full explanation →

A security analyst is explaining the core principles of information security to a new team member. Which principle ensures that data is not modified by unauthorized parties?

AConfidentiality
IntegrityCorrect
CAvailability
DNon-repudiation

The principle of integrity ensures that data remains accurate and unaltered during storage, processing, or transmission, except by authorized entities. In the context of information security, integrity is specifically concerned with preventing unauthorized modification, deletion,…Read full explanation

Q2Describe the concepts of security, compliance, and identitymedium
Full explanation →

A company is moving its on-premises database to Azure SQL Database. According to the shared responsibility model, which security tasks remain the responsibility of the customer?

APatching the physical servers hosting the database
Managing access controls and authentication for database usersCorrect
CSecuring the hypervisor running the virtual machines
DHardening the network firewalls at the datacenter perimeter

In the shared responsibility model for Azure SQL Database, Microsoft manages the physical infrastructure, including servers, storage, and network, while the customer is responsible for data and access management. Option B is correct because managing access controls and authentica…Read full explanation

Q3Describe the capabilities of Microsoft Entramedium
Full explanation →

A company wants to require multi-factor authentication (MFA) for all users accessing a financial application, but only when they sign in from outside the corporate network. Which Microsoft Entra ID feature should be used?

AIdentity Protection
Conditional AccessCorrect
CPrivileged Identity Management (PIM)
DSelf-Service Password Reset (SSPR)

Conditional Access is the correct choice because it allows administrators to define policies that enforce multi-factor authentication (MFA) based on specific conditions, such as network location. In this scenario, a Conditional Access policy can be configured to require MFA only …Read full explanation

Untimed Practice

Answer at your own pace. Explanation and domain tag shown immediately after each answer.

Timed Practice

Countdown timer starts immediately. Results and domain scores shown at the end — just like the real exam.

Why practice here?

Full explanations on every question

Not just the right answer — you get exactly why each wrong option is wrong, so you learn the concept, not the answer.

Domain score breakdown

After each session see your score by exam domain so you know exactly where to focus study time.

100% free, forever

No subscription, no trial, no email wall. Start a session in under 10 seconds.

Exam-style questions

Scenario-based, precise wording, realistic distractors — written to match what you actually see on exam day.

← All SC-900 questionsSC-900 exam guideStudy guidePractice by domain