Updated – 01/11/2022 – The exam guide below shows the changes that will be implemented starting on November 4, 2022. The study guide has been updated to reflect the new objectives and exam topic weights added and updated by Microsoft Learning.
Updated – 01/07/2022 – The SC-100 exam is out of beta and is now generally available.
Are you preparing for the SC-100 Microsoft Cybersecurity Architect certification? This study guide will share with you how to prepare and pass the SC-100: Microsoft Certified Cybersecurity Architect Expert successfully (with links to exam objectives).
The increase in cyber security issues in the press seems relentless. Organizational leaders in all types of industries are looking for capable cybersecurity architects to navigate them safely through the dangers of this highly connected world.
Table of Contents
Introduction
Microsoft is keeping evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. The new updated role-based certifications will help you to keep pace with today’s business requirements. Microsoft Learning is constantly evolving its learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities you’ve earned.
After last year’s announcement of the new certification exams that focus on Security, Compliance, and Identity (SCI) solutions, Microsoft Learning announced a new certification exam to complement the security learning path by introducing the new Microsoft Cybersecurity Architect Expert certification, which expands Azure training and certification portfolio.
To obtain the Cybersecurity Architect Expert certification you need to pass the new SC-100 exam (this study guide) and ONLY ONE of the following four prerequisites security exams:
> Option 1: Exam SC-200: Microsoft Security Operations Analyst.
> Option 2: Exam SC-300: Microsoft Identity and Access Administrator.
> Option 3: Exam AZ-500: Microsoft Azure Security Technologies.
> Option 4: Exam MS-500: Microsoft 365 Security Administration.
Here is the entire path to follow to earn the new Microsoft Certified: Cybersecurity Architect Expert certification:

I will keep updating this study guide as soon as I have new materials such as Videos, Books, Crash courses, Practice exam questions, and the official Microsoft instructor-led training.
SC-100 Exam Preparation
How do you prepare for the SC-100 exam?
While preparing to take this exam myself, I would like to share with you how to prepare and pass the SC-100: Microsoft Cybersecurity Architect exam successfully. To prepare for this exam, I usually use a couple of online resources, mainly Microsoft Docs, Microsoft Learn, and Training Labs, which I am going to share with you in the next section.
The exam is available on April 7, 2022, in the Beta phase at the time of this writing. Beta exams are not scored immediately because Microsoft is gathering data on the quality of the questions and the exam. The SC-100 exam is out of beta and is now generally available.
Updated on 05/05/2022 – How many questions on SC 100?
In this exam, I got around 48 questions in total with 2 case studies, 2 sections with Yes/No answers, and no lab questions since it’s an architect and design level exam. The total time for this exam is 120 minutes (2 hours). The exam is long, you need to manage your time and prepare very well. The questions do pretty much match the list of skills measured below.
Updated on 09/07/2022 – I am so happy and grateful now that I received the final report for the SC-100 Microsoft Cybersecurity Architect with a passing score as shown in the report below! I want to mention that I did not prepare well when I sat for this exam in May 2022 there were no resource materials available during the beta phase, but since I work with Microsoft Security Solutions on daily basis, I managed to answer most of the questions within 2 hours.

Exam Target Audience
The Microsoft cybersecurity architect has subject matter expertise (SME) in designing and evolving the cybersecurity strategy to protect an organization’s mission and business processes across all aspects of the enterprise architecture. The cybersecurity architect designs a Zero Trust strategy and architecture, including security strategies for data, applications, access management, identity, and infrastructure. The cybersecurity architect also evaluates Governance Risk Compliance (GRC) technical strategies and security operations strategies.
The cybersecurity architect continuously collaborates with leaders and practitioners in IT security, privacy, and other roles across an organization to plan and implement a cybersecurity strategy that meets the business needs of an organization.
To prepare for this certification, you should have advanced experience and knowledge in a wide range of security engineering areas including identity and access management (IAM), platform protection, security operations, securing data, and securing applications. You should also have experience with hybrid and cloud implementations.
Please note that to prepare and take the SC-100 exam, I highly recommended studying and passing one of the following four prerequisites exams, before you sit and take the SC-100 exam:
> Exam SC-200: Microsoft Security Operations Analyst.
> Exam SC-300: Microsoft Identity and Access Administrator.
> Exam AZ-500: Microsoft Azure Security Technologies.
> Exam MS-500: Microsoft 365 Security Administration.
Prerequisites
This is the first expert-level certification that Microsoft released in Security, Compliance, and Identity portfolio. Expert-level certifications target higher-level skills than their associate/fundamental-level counterparts, which may focus on your ability to implement or configure various cloud services. This certification will focus on designing elements of a cybersecurity architecture and evaluating the tradeoffs between different solutions.
As a prerequisite for this exam, you should already have advanced experience and knowledge in a wide range of security engineering areas including identity and access management, platform protection, security operations, securing data, and securing applications.
You are also an excellent candidate for this Cybersecurity Architect certification if you have experience with hybrid and cloud implementations.
The exam is very broad because it’s developed based on the 4 prerequisites exam (SC-200, SC-300, AZ-500, and MS-500). And the SC-100 exam really covers the full scope of all the different security solutions across all of Azure and Microsoft 365.

Skills measured on this exam
This exam measures your ability to design, integrate and develop a security strategy for your organization based on the topics listed below.
I have curated a list of articles from Microsoft documentation based on the latest update from Microsoft Learning for the SC-100 exam. Please share this study guide within your circles so it helps them to prepare for the exam.
Design a Zero Trust strategy and architecture (30–35%)
Build an overall security strategy and architecture
Identify the integration points in a security architecture by using Microsoft Cybersecurity Reference Architecture (MCRA)
- Microsoft Cybersecurity Reference Architectures (documentation)
- Microsoft Cybersecurity Reference Architectures (18 videos).
Translate business goals into security requirements
Translate security requirements into technical capabilities, including security services, security products, and security processes
Design security for a resiliency strategy
Integrate a hybrid or multi-tenant environment into a security strategy
Develop a technical governance strategy for security
Design a security operations strategy
Design a logging and auditing strategy to support security operations
Develop security operations to support a hybrid or multi-cloud environment
Design a strategy for SIEM and SOAR
Evaluate security workflows
Evaluate a security operations strategy for the incident management lifecycle
Evaluate a security operations strategy for sharing technical threat intelligence
Design an identity security strategy
Design a strategy for access to cloud resources
- Organize your Azure resources effectively
- Manage access to your Azure environment with Azure role-based access control
- Azure identity and access management design area
Recommend an identity store (tenants, B2B, B2C, hybrid)
- Azure Identity Management and access control security best practices
- External Identities in Azure Active Directory
Recommend an authentication strategy
- What authentication and verification methods are available in Azure Active Directory?
- Design authentication and credential strategies
- Choose the right authentication method for your Azure Active Directory hybrid identity solution
- Authentication with Azure AD
Recommend an authorization strategy
Design a strategy for conditional access
Design a strategy for role assignment and delegation
- Best practices for Azure AD roles
- Delegation and roles in Azure AD entitlement management
- Use Azure AD groups to manage role assignments
Design security strategy for privileged role access to infrastructure including identity-based firewall rules and Privileged Identity Management (PIM) in Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra
- What is Azure AD Privileged Identity Management?
- Microsoft security best practices for identity and access management
Design security strategy for privileged activities including PAM, entitlement management, cloud tenant administration
- What is Azure AD entitlement management?
- Delegation and roles in Azure AD entitlement management
- Privileged Access Management for Active Directory Domain Services
- Understand the components of MIM PAM
- Securing privileged access for hybrid and cloud deployments in Azure AD
Evaluate Governance Risk Compliance technical strategies and security operations strategies (10–15%)
Design a regulatory compliance strategy
Interpret compliance requirements and translate them into specific technical capabilities (new or existing)
- Introduction to regulatory compliance
- Azure security technical capabilities
- Governance, risk, and compliance
Evaluate infrastructure compliance by using Microsoft Defender for Cloud
Interpret compliance scores and recommend actions to resolve issues or improve security
- What is a Compliance Manager?
- Compliance score calculation
- Secure score in Microsoft Defender for Cloud
Design implementation of Azure Policy
Design for data residency requirements
Translate privacy requirements into requirements for security solutions
Evaluate security posture and recommend technical strategies to manage risk
Evaluate security posture by using Azure Security Benchmark
- Azure Security Benchmark introduction
- Customize the set of standards in your regulatory compliance dashboard
- Improve your regulatory compliance
Evaluate security posture by using Microsoft Defender for Cloud
Evaluate security posture by using Secure Scores
Evaluate the security posture of cloud workloads
Design security for an Azure Landing Zone
Interpret technical threat intelligence and recommend risk mitigations
Recommend security capabilities or controls to mitigate identified risks
- Reduce Risk Across your Environments with the Latest Threat and Vulnerability Management
- Use a framework to identify threats and find ways to reduce or eliminate the risk
Design security for infrastructure (10–15%)
Design a strategy for securing server and client endpoints
Specify security baselines for server and client endpoints
Specify security requirements for servers, including multiple platforms and operating systems
Specify security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
- Minimum requirements for Microsoft Defender for Endpoint
- Use security baselines to configure Windows devices
Specify requirements to secure Active Directory Domain Services
- Best Practices for Securing Active Directory
- Harden an Azure Active Directory Domain Services managed domain
Design a strategy to manage secrets, keys, and certificates
Design a strategy for secure remote access
Design a strategy for securing privileged access
Design a strategy for securing SaaS, PaaS, and IaaS services
Specify security baselines for SaaS, PaaS, and IaaS services
Specify security requirements for IoT workloads
Specify security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB
- An overview of Azure SQL Database and SQL Managed Instance security capabilities
- Playbook for addressing common security requirements with Azure SQL Database
- Azure security baseline for Azure SQL Database
- Security in Azure Cosmos DB – overview
- Azure security baseline for Azure Synapse dedicated SQL pool
Specify security requirements for web workloads, including Azure App Service
- Security in Azure App Service
- Security Recommendations for App Service
- Azure security baseline for App Service
Specify security requirements for storage workloads, including Azure Storage
- Azure security baseline for Azure Storage
- Secure your Azure Storage account
- Storage Accounts and security
- Security Recommendations for Blob storage
Specify security requirements for containers
- Security considerations for Azure Container Instances
- Azure security baseline for Container Instances
- Azure security baseline for Container Registry
Specify security requirements for container orchestration
- Azure security baseline for Azure Kubernetes Service
- Security concepts for applications and clusters in Azure Kubernetes Service
- Best practices for cluster security and upgrades in Azure Kubernetes Service
- Azure Kubernetes Service (AKS) and security
Design a strategy for data and applications (15–20%)
Specify security requirements for applications
Specify priorities for mitigating threats to applications
Specify a security standard for onboarding a new application
Specify a security strategy for applications and APIs
Design a strategy for securing data
Specify priorities for mitigating threats to data
Design a strategy to identify and protect sensitive data
Specify an encryption standard for data at rest and in motion
- Azure encryption overview
- Azure data security and encryption best practices
- Azure Data Encryption at rest
- Data encryption in Azure
Recommend security best practices and priorities (20–25%)
Recommend security best practices by using the Microsoft Cybersecurity Reference Architecture (MCRA) and Azure Security Benchmarks
Recommend best practices for cybersecurity capabilities and controls
- Microsoft Cybersecurity Reference Architectures
- Azure security best practices
- Microsoft Cloud Security Benchmark (Data Protection)
- Microsoft Cloud Security Benchmark (Asset Management)
- Microsoft Cloud Security Benchmark (Posture and Vulnerability Management)
- Microsoft Cloud Security Benchmark (Endpoint Security)
- Microsoft Cloud Security Benchmark (Backup and Recovery)
- Microsoft Cloud Security Benchmark (DevOps Security)
- Microsoft Cloud Security Benchmark (Governance and Strategy)
Recommend best practices for protecting from insider and external attacks
- MCRA attack chain diagram
- Microsoft Cloud Security Benchmark (Incident Response)
- Microsoft Cloud Security Benchmark (Logging and Threat Detection)
Recommend best practices for Zero Trust security
- Access Control discipline in the Cloud Adoption Framework Secure Methodology (CAF Secure)
- Microsoft Cloud Security Benchmark (Identity Management)
- Microsoft Cloud Security Benchmark (Privileged Access)
- Microsoft Cloud Security Benchmark (Network Security)
Recommend best practices for Zero Trust Rapid Modernization Plan
Recommend a secure methodology by using the Cloud Adoption Framework (CAF)
Recommend a DevSecOps process
- Innovation Security (Cloud Adoption Framework)
- Threat modeling: Start simple
- Peer review and secure coding standards
- Securing Azure Pipelines
- Dynamic application security testing (OWASP ZAP)
- Penetration testing in Azure
Recommend a methodology for asset protection
- Access Control discipline in the Cloud Adoption Framework Secure Methodology (CAF Secure)
- Security Operations
- Access Control
- Innovation Security
- Network isolation
Recommend strategies for managing and minimizing risk
Recommend a ransomware strategy by using Microsoft Security Best Practices
Plan for ransomware protection and extortion-based attacks (i.e., backup and recovery, limit the scope)
Protect assets from ransomware attacks
Recommend Microsoft ransomware best practices
Microsoft Learn – Study Resources
To prepare for this exam, I use the new Microsoft Learn, a great resource that provides self-paced skills training on a variety of Azure security topics.
I highly recommend checking the following modules including the ones from the SC-200 Microsoft Security Operations Analyst and the SC-300 Microsoft Identity and Access Administrator.
> SC-200: Mitigate threats using Microsoft Defender for Endpoint (10 modules)
> SC-200: Mitigate threats using Microsoft 365 Defender (8 modules)
> SC-200: Mitigate threats using Microsoft Defender for Cloud (5 modules)
> SC-200: Configure your Microsoft Sentinel environment (5 modules)
> SC-300: Implement an identity management solution (4 modules)
> SC-300: Implement an Authentication and Access Management solution (4 modules)
> SC-300: Implement Access Management for Apps (3 modules)
> SC-300: Plan and implement an identity governance strategy (4 modules)
> Learn: Build a cloud governance strategy on Azure
> Learn: Improve your cloud security posture with Microsoft Defender for Cloud
> Learn: Use a framework to identify threats and find ways to reduce or eliminate the risk
> Learn: Secure your Azure Storage account
> Learn: Secure your cloud apps and services with Microsoft Defender for Cloud Apps
SC-100 Official Learning Path
Updated on 01/11/2022 – The Microsoft learning team just put together a learning path dedicated to the SC-100 exam in a structured way to help you focus on the exam objectives.
I highly recommend checking the following modules for each exam topic on the SC-100 learning path:
1) SC-100: Design a Zero Trust strategy and architecture (3 Modules).
- Build an overall security strategy and architecture.
- Design a security operations strategy.
- Design an identity security strategy.
2) SC-100: Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies (2 Modules).
- Evaluate a regulatory compliance strategy.
- Evaluate security posture and recommend technical strategies to manage risk.
3) SC-100: Design security for infrastructure (3 Modules).
- Understand architecture best practices and how they are changing with the cloud.
- Design a strategy for securing server and client endpoints.
- Design a strategy for securing PaaS, IaaS, and SaaS services.
4) SC-100: Design a strategy for data and applications (2 Modules).
5) SC-100: Recommend security best practices (3 Modules).
- Recommend security best practices using Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft Cloud Security Benchmarks.
- Recommend a secure methodology using the Cloud Adoption Framework (CAF).
- Recommend a ransomware strategy by using Microsoft Security Best Practices.
SC-100 Case studies
Check the following case studies that will help you to gain more practical security design and architectural experience. At the time of this writing, these case studies are still new and will evolve over time.
Many of the case studies below are based on cybersecurity design challenges being faced by the fictional Tailwind Traders company.
In each case, the goal will be to understand the overall business objectives of the company, and the specific requirements which need to be met and then provide technical (security) capabilities or solution(s) that meet those requirements.
0) Case Study: Introduction
1) Case study: Build an overall security strategy
2) Case study: Design a Security Operations Solution
3) Case Study: Design an identity security solution
4) Case study: Evaluate regulatory compliance
5) Case study: Evaluate security posture
6) Case study: Security Architecture best practices
7) Case study: Remote access and endpoint strategy
8) Case study: Securing PaaS, IaaS, and SaaS services
9) Case study: Specify security requirements for applications
10) Case study: Design a strategy for securing data
SC-100 Videos
If you are interested to prepare for this exam using video training, then I highly recommend checking the following resources:
> Microsoft: Cybersecurity Reference Architectures (YouTube playlist).
> Pluralsight: Managing Security Operations in Microsoft Azure.
> LinkedIn Learning:
- Microsoft Cybersecurity Architect Expert (SC-100) Cert Prep: 1 Design a Zero Trust Strategy and Architecture.
- Microsoft Cybersecurity Architect Expert (SC-100) Cert Prep: 2 Evaluate Governance Risk Compliance (GRC) and Security Operations Strategies.
- Microsoft Cybersecurity Architect Expert (SC-100) Cert Prep: 3 Design Security for Infrastructure.
- Microsoft Cybersecurity Architect Expert (SC-100) Cert Prep: 4 Design Strategy for Data and Applications.
- Microsoft Azure Security Technologies (AZ-500): Manage Security Operations.
- (SC-300): Microsoft Identity and Access Administrator.
> Microsoft Press: I highly recommend checking the official SC-100 full exam course by Microsoft Press.
This Exam SC-100 Microsoft Cybersecurity Architect video is designed for cybersecurity architects responsible for designing and evolving the cybersecurity strategy to protect an organization’s mission and business processes across all aspects of the enterprise architecture.

This video focuses on the skills measured by the exam objectives:
- Design a Zero Trust strategy and architecture.
- Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies.
- Design security for infrastructure.
- Design a strategy for data and applications.
SC-100 Exam Crash Course
Come join me to level up your security skills as a Microsoft Certified Cybersecurity Architect.
I am happy to share with you that I’ll be doing a live training course that covers the SC-100: Microsoft Cybersecurity Architect Expert certification exam. Passing this exam validates your skills to design a Zero Trust strategy and security architecture in a cloud and hybrid cloud context.
In four hours, I’ll cover every SC-100 exam objective, blending both theory and practice. The SC-100 exam’s core subject matter is unique in that it combines multiple security products-based focuses (Microsoft Defender for Cloud, Microsoft Sentinel, Azure AD, Azure Policy, Microsoft Defender for Endpoint) with cloud security design and architecture.

You’ll learn how to map your subject matter knowledge and expertise to exam SC-100. How Microsoft assesses the learner’s knowledge and skills on the SC-100 exam, and how the learner can best prepare for success.
Next, we see how to use the Microsoft Cybersecurity Reference Architectures (MCRA) to identify the security integration points in an architecture. And finally, we see how to design a security strategy using Microsoft Azure security solutions.
If you registered for the course and you couldn’t attend for any reason, you can always come back and watch the recording at any time.
User’s feedback – I am so happy and grateful to share that students are finding my online training course useful to pass the SC-100 exam. Congratulations!

SC-100 Books
If you are interested to prepare for this exam using books, then I highly recommend checking the following resources:
Updated on 30/06/2022 – At the time of this writing, the following two books are not released yet, however, you can pre-order them now:
> Microsoft Press: Exam Ref SC-100 Microsoft Cybersecurity Architect by four team members of the Microsoft product group. Expected to be released by February 2023. Keep an eye out for when it releases!
> Packt Publishing: Microsoft Cybersecurity Architect Exam Ref SC-100 – Get certified with ease while learning how to develop highly effective cybersecurity strategies (Expected to be released by February 24th, 2023) by Dwayne Natwick.
SC-100 Exam Dumps and Practice Test
If you wish to validate your skills before taking the real exam, I highly encourage you to get the following practice test:
The SC-100: Microsoft Cybersecurity Architect practice test is designed to help you prepare for and pass the Microsoft SC-100 exam. The Measure-Up SC-100 Exam: Microsoft Cybersecurity Architect practice test is aimed at architects and security administrators who want to validate their CyberSecurity skills. You should have knowledge of identity and access, platform protection, security operations, securing data, and securing applications.
This practice test contains 120 questions and covers the following exam objectives:
- Design a Zero Trust strategy and architecture — (40 questions).
- Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies — (28 questions).
- Design security for infrastructure —( 28 questions).
- Design a strategy for data and applications — (24 questions).
Instructor-led virtual training
Last but certainly not least, if you prefer instructor-led training, Microsoft released the SC-100T00 4 days course. This course prepares students with the background to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS).
If you prefer to get prepare for this exam with Microsoft MCT instructor-led virtual training, you can get in contact with me here.
Lessons Learned
Is the SC 100 hard?
I think there is a perception that Architecture is “just drawing” on a whiteboard; however, this exam really went into lots of topics around tooling, strategy, Zero Trust, and Security Operations.
Read, read, and read… I cannot stress enough that understanding all the security concepts in Microsoft 365 Defender, Azure, and Azure AD will help you to pass this exam. The key success to passing this exam is to work with Azure security solutions on regular basis, especially Microsoft Defender for Cloud and Azure AD.
The biggest subjects and topics that I saw on the SC-100 exam are the following:
- Azure Active Directory (Azure AD)
- Identity Governance
- Privileged Identity Management (PIM)
- Access Packages and Access Reviews
- Identity Governance
- Azure AD Identity Protection
- Azure Active Directory Domain Services (Azure AD DS)
- Zero Trust / Azure Landing Zone security
- Azure AD Application Proxy
- Azure Bastion
- Azure Policy
- Secure Azure Storage accounts
- Shared access signature (SAS)
- Blob public access / Storage account key access
- Customer-managed keys for Azure Storage Encryption
- Azure SQL / Azure SQL Managed Instance Security
- Dynamic data masking
- Encrypt a Column of Data
- Data encryption with customer-managed keys
- Private Endpoints
- Microsoft Sentinel
- Send Sentinel logs to Splunk
- Manage Microsoft Sentinel workspaces at scale with Azure Lighthouse
- Workspace region and compliance considerations
- Microsoft 365 Defender
- Microsoft Defender for Cloud Apps
- Microsoft Defender for Endpoint
- Web content filtering
- Microsoft Defender for Cloud
- Secure Storage Accounts
- Vulnerability assessment
- Security Recommendations (Restrict unauthorized network access / Enable endpoint protection)
- Regulatory Compliance (ISO 27001:2013)
- Defender for Servers
- Defender for Containers
- Protect AWS EC2 instances
- Secure Web Apps (App Service) with Azure Front Door
- Secure access to CosmosDB from App Service
- Azure Application Gateway v2 with Web Application Firewall (WAF)
What made the SC-100 exam difficult in my opinion was not technical complexity. In fact, this was one of the less technical Microsoft certification exams that I’ve ever taken. Instead, the complexity was the sheer volume of Microsoft cloud security products you need to recognize.
Because the job role here is “Cybersecurity Architect,” the exam’s not concerned with step-by-step procedures or how-to type of questions. Instead, you choose which Azure services are best for particular workloads.
On the SC-100 exam, you should expect to see a large number of architectural diagrams and asked questions requiring you to interpret them and make recommendations. To be successful here, you must be aware of all the Azure and Microsoft 365 products by name and core functionality.
Overall, I think Microsoft Worldwide Learning is doing a good job of gradually shaping these exams to reflect real-world Azure security best practice scenarios. The SC-100 exam is logically organized and focused solely on security and design using Microsoft 365 Defender, Microsoft Sentinel, Microsoft Defender for Cloud, Azure AD Identity Governance, and Azure Security in general.
In summary, the exam indeed covers lots of different security topics across Azure, Azure AD, and Microsoft 365 services – but it does not go really deep. You just need to have a pretty good idea of which security technologies solve which types of problems.
Topics such as risk management, organizational requirements, security-related processes or active threat hunting (just to name a few) are mostly missing. I would recommend this exam for everyone who is working in the Azure and Microsoft 365 space.
Schedule SC-100 Exam
Updated – 07/04/2022, Microsoft launched the SC-100 exam in beta mode, if you would like to take the beta exam and receive the 80% discount* (first 300 people), use the code below when prompted for payment. This is not a private access code. The SC-100 exam is out of the Beta phase and is now generally available. The beta code below is NOT available anymore.
SC100ARCH
You must register for the exam on or before May 5th, 2022. The seats are offered on a first-come, first-served basis. Please note that this beta exam is NOT available in Turkey, Pakistan, India, or China.
Once you are ready, click Schedule exam here and take it online from the comfort of your home/office with proctor supervision.

Other Microsoft Azure Exam Study Guides
Are you interested in another Azure certification exam? I highly encourage you to check out the following Azure exam study guides:
- Exam AZ-900: Microsoft Azure Fundamentals Exam Study Guide
- Exam AZ-104: Microsoft Azure Administrator Exam Study Guide
- Exam AZ-140: Microsoft Azure Virtual Desktop Exam Study Guide
- Exam AZ-204: Developing Solutions for Microsoft Azure Exam Study Guide
- Exam AZ-303: Microsoft Azure Architect Technologies Exam Study Guide
- Exam AZ-304: Microsoft Azure Architect Design Certification Exam Study Guide
- Exam AZ-500: Microsoft Azure Security Technologies Exam Study Guide
- Exam AZ-600: Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Hub Exam Study Guide
- Exam AZ-700: Microsoft Azure Network Engineer Associate Study Guide
- Exam AZ-720: Troubleshooting Microsoft Azure Connectivity Study Guide
- Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals Exam Study Guide
- Exam SC-200: Microsoft Security Operations Analyst Exam Study Guide
- Exam SC-300: Microsoft Identity and Access Administrator Exam Study Guide
- Exam SC-400: Microsoft Information Protection Administrator Exam Study Guide
- Exam MS-500: Microsoft 365 Security Administrator Exam Study Guide
- Exam AZ-305: Designing Microsoft Azure Infrastructure Solutions Study Guide
- Exam AZ-800: Administering Windows Server Hybrid Core Infrastructure Study Guide
- Exam AZ-801: Configuring Windows Server Hybrid Advanced Services Study Guide
If you are planning to take the SC-100 exam… I wish you all the best and Happy Studying!!!
__
Thank you for reading my blog.
If you have any questions or feedback, please leave a comment.
-Charbel Nemnom-
Great content man!
Thank you so much!
Thank You, Fernando!
Thank you!
Thank you! Waiting for the discount code.
Thank you, Igor! Stay Tuned, it should come today…
Registered for the exam
Well done Chris and Good Luck!!!
Took the exam! These were helpful materials.
Thank you Konstantin for your comment and for sharing your feedback, much appreciated!
I am so happy and grateful to hear that the materials shared here were helpful to you.
Good luck with the results!
All the best,
Hi Charbel, this is a fantabulous and eye-opening blog. Very insightful, helpful, and guiding professionals in the right way. Much appreciate your efforts.
Which third-party training program would you suggest for SC 100 apart from Microsoft Docs and videos? For an instance would you say Pluralsight or something else?
Hello Sathya, thanks for the comment and feedback, much appreciated!
At the time of this writing, there is no third-party training program that released official training for the SC-100 exam.
However, I would pick one of the well-known third-party providers such as LinkedIn, Microsoft Press, and Pluralsight.
Additionally, I am preparing for live training for the SC-100 exam in November 2022, you can register here if you are interested.
Thank You!
Hello, we have published the new Microsoft Learn learning paths to be used in preparing for SC-100. The previous learning paths posted on the exam page were temporary.
https://docs.microsoft.com/en-us/learn/paths/sc-100-design-zero-trust-strategy-architecture
https://docs.microsoft.com/en-us/learn/paths/sc-100-evaluate-governance-risk-compliance
https://docs.microsoft.com/en-us/learn/paths/sc-100-design-security-for-infrastructure/
https://docs.microsoft.com/en-us/learn/paths/sc-100-design-strategy-for-data-applications/
We would love to hear your feedback on the prep materials. Feel free to reach out to me personally with any recommendations.
Hello Hassan, thank you for reaching out and sharing the new update!
I’ve updated the study guide to include the new Microsoft Learn learning paths to be used in preparing for the SC-100 exam.
I will check them and reach out to you.