SC-100 Study Guide: Microsoft Cybersecurity Architect

SC-100 Study Guide: Microsoft Cybersecurity Architect

Categories Microsoft | Certifications | by
23 Min. Read
Share this post:
Share on Bluesky Share on LinkedIn

DISCLOSURE: This post may contain affiliate links, meaning we receive a commission when you click the links and make a purchase. Thank you for your support!

Updated – 13/07/2024 – The exam guide below shows the changes to be implemented starting on July 22, 2024. The study guide has been updated to reflect the new objectives and exam topic weights added and removed by Microsoft Learning.

Updated – 08/02/2024 – The exam guide below shows the changes to be implemented starting on January 23, 2024. The study guide has been updated to reflect the new objectives and exam topic weights added and removed by Microsoft Learning.

Updated – 13/10/2023 – The exam guide below shows the changes to be implemented starting on November 3, 2023. The study guide has been updated to reflect the new objectives and exam topic weights added and removed by Microsoft Learning.

Updated – 17/06/2023 – The exam guide below now includes the Microsoft Learn Exam Readiness videos. The exam preparation videos will assist you in identifying the key areas of knowledge and skills assessed in the SC-100 exam.

Updated – 07/05/2023 – The exam guide below shows the significant changes that will be implemented starting on May 5, 2023. The study guide has been updated to reflect the new objectives and exam topic weights added and removed by Microsoft Learning.

Are you preparing for the SC-100 Microsoft Cybersecurity Architect certification? This study guide will share with you how to successfully prepare and pass the SC-100: Microsoft Certified Cybersecurity Architect Expert (with links to exam objectives).

The increase in cyber security issues in the press seems relentless. Organizational leaders in all types of industries are looking for capable cybersecurity architects to navigate them safely through the dangers of this highly connected world.

Introduction

Microsoft keeps evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. The newly updated role-based certifications will help you to keep pace with today’s business requirements. Microsoft Learning is constantly evolving its learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities you’ve earned.

After last year’s announcement of the new certification exams that focus on Security, Compliance, and Identity (SCI) solutions, Microsoft Learning announced a new certification exam to complement the security learning path by introducing the new Microsoft Cybersecurity Architect Expert certification, which expands Azure training and certification portfolio.

To obtain the Cybersecurity Architect Expert certification, you need to pass the new SC-100 exam (this study guide) and ONLY ONE of the following four prerequisite security exams:

> Option 1: Exam SC-200: Microsoft Security Operations Analyst.

> Option 2: Exam SC-300: Microsoft Identity and Access Administrator.

> Option 3: Exam AZ-500: Microsoft Azure Security Technologies.

> Option 4: Exam MS-500: Microsoft 365 Security Administration.

Here is the entire path to follow to earn the new Microsoft Certified: Cybersecurity Architect Expert certification:

SC-100 Exam Path: Microsoft Certified Cybersecurity Architect Expert Path
SC-100 Exam Path: Microsoft Certified Cybersecurity Architect Expert Path

// Please note that the MS-500: Microsoft 365 Security Administrator Associate certification will retire on June 30, 2023. It will continue to qualify as a prerequisite option for the SC-100 certification until June 30, 2024 (one year after the certification has retired).

I will keep updating this study guide as soon as I have new materials such as Videos, Books, Crash courses, Practice exam questions, and the official Microsoft instructor-led training.

SC-100 Exam Preparation

How do you prepare for the SC-100 exam?

While preparing to take this exam myself, I would like to share with you how to prepare and pass the SC-100: Microsoft Cybersecurity Architect exam successfully. To prepare for this exam, I usually use a couple of online resources, mainly Microsoft Docs, Microsoft Learn, and Training Labs, which I am going to share with you in the next section.

The exam is available on April 7, 2022, in the Beta phase at the time of this writing. Beta exams are not scored immediately because Microsoft is gathering data on the quality of the questions and the exam. The SC-100 exam is out of beta and is now generally available.

Updated on 05/05/2022  How many questions on SC 100?

In this exam, I got around 48 questions in total with 2 case studies, 2 sections with Yes/No answers, and no lab questions since it’s an architect and design level exam. The total time for this exam is 120 minutes (2 hours). The exam is long, so you need to manage your time and prepare very well. The questions do pretty much match the list of skills measured below.

Updated on 09/07/2022 I am so happy and grateful now that I received the final report for the SC-100 Microsoft Cybersecurity Architect with a passing score as shown in the report below! I want to mention that I did not prepare well when I sat for this exam in May 2022 there were no resource materials available during the beta phase, but since I work with Microsoft Security Solutions daily, I managed to answer most of the questions within 2 hours.

Exam SC-100: Microsoft Cybersecurity Architect
Exam SC-100: Microsoft Cybersecurity Architect

Updated on 04/01/2026  I got 25 questions in total without any case study for the renewal assessment.

Renewal assessment results for Microsoft Certified: Cybersecurity Architect Expert
Renewal assessment results for Microsoft Certified: Cybersecurity Architect Expert

The performance renewal assessment is based on the following five topics:

> Design solutions for security operations.
> Design solutions for security posture management in hybrid and multicloud environments.
> Design solutions for securing Microsoft 365.
> Design solutions for identity and access management.
> Design solutions for regulatory compliance.

Exam Target Audience

The role of a Microsoft Cybersecurity Architect is to use their expertise to create and develop cybersecurity solutions that safeguard an organization’s mission and business processes across all aspects of the enterprise architecture. This involves designing reference models, integrating security into architectures, creating security architectures, and ensuring that the organization is resilient.

The Cybersecurity Architect is responsible for understanding the client’s business and security requirements, choosing suitable security capabilities, and turning the requirements into architectural specifications that minimize risk, comply with privacy requirements, follow best practices, and ensure that critical business assets are confidential, integral, available, and safe. The Cybersecurity Architect also ensures the successful deployment of solutions and ongoing technical viability by assessing and reviewing the security posture.

Collaboration with Security Engineers, Security Operations Analysts, Identity and Access Management Admins, Information Protection Admins, Cloud Security (Azure/M365) Administrator/Engineers, privacy officers, governance, compliance, and risk roles, and solution providers is a continuous part of the Cybersecurity Architect’s job to plan and implement a cybersecurity strategy that caters to an organization’s business needs.

The Cybersecurity Architect should possess knowledge and experience in applying cybersecurity concepts and practices, information security, application security, incident response and recovery techniques, and security standards, policies, and governance frameworks. In addition, the Cybersecurity Architect must be familiar with Microsoft security and identity technologies, hybrid cloud and workload security configurations, and cloud application development solutions.

To prepare for this certification, you should have advanced experience and knowledge in a wide range of security engineering areas including identity and access management (IAM), platform protection, security operations, securing data, and securing applications. You should also have experience with hybrid and cloud implementations.

Please note that to prepare and take the SC-100 exam, I highly recommend studying and passing one of the following three prerequisite exams, before you sit and take the SC-100 exam:

> Exam SC-200: Microsoft Security Operations Analyst.
> Exam SC-300: Microsoft Identity and Access Administrator.
> Exam AZ-500: Microsoft Azure Security Technologies.
> Exam MS-500: Microsoft 365 Security Administration.

Prerequisites

This is the first expert-level certification that Microsoft released in the Security, Compliance, and Identity portfolio. Expert-level certifications target higher-level skills than their associate/fundamental-level counterparts, which may focus on your ability to implement or configure various cloud services. This certification will focus on designing elements of a cybersecurity architecture and evaluating the tradeoffs between different solutions.

As a prerequisite for this exam, you should already have advanced experience and knowledge in a wide range of security engineering areas including identity and access management, platform protection, security operations, securing data, and securing applications.

You are also an excellent candidate for this Cybersecurity Architect certification if you have experience with hybrid and cloud implementations.

The exam is very broad because it’s developed based on the 4 prerequisite exams (SC-200, SC-300, AZ-500, and MS-500). The SC-100 exam covers the full scope of all the different security solutions across all of Azure and Microsoft 365.

The journey to Microsoft Certified: Cybersecurity Architect Expert
Exam Poster from Microsoft [The journey to Microsoft Certified: Cybersecurity Architect Expert]
So, you need to have a very broad understanding of what the different security solutions do, and the capabilities they bring. But you don’t need to know any of them in any depth.

Skills measured on this exam

This exam measures your ability to design, integrate, and develop a security strategy for your organization based on the topics listed below.

I have curated a list of articles from Microsoft Learn documentation based on the significant changes to the SC-100 exam from the previous release. Please share this study guide within your circles so it helps them to prepare for the exam.

Design solutions that align with security best practices and priorities (20–25%)

Design a resiliency strategy for ransomware and other attacks based on Microsoft Security Best Practices

# Design a security strategy to support business resiliency goals, including identifying and prioritizing threats to business-critical assets

# Design solutions for business continuity and disaster recovery (BCDR), including secure backup and restore for hybrid and multi-cloud environments

# Design solutions for mitigating ransomware attacks, including prioritization of BCDR and privileged access

# Evaluate solutions for security updates

Design solutions that align with the Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft Cloud Security Benchmark (MCSB)

# Design solutions that align with best practices for cybersecurity capabilities and controls

# Design solutions that align with best practices for protecting against insider, external, and supply chain attacks

# Design solutions that align with best practices for Zero Trust security, including the Zero Trust Rapid Modernization Plan (RaMP)

Design solutions that align with the Microsoft Cloud Adoption Framework for Azure and the Microsoft Azure Well-Architected Framework

# Design a new or evaluate an existing strategy for security and governance based on the Microsoft Cloud Adoption Framework (CAF) for Azure and the Microsoft Azure Well-Architected Framework

# Recommend solutions for security and governance based on the Microsoft Cloud Adoption Framework for Azure and the Microsoft Azure Well-Architected Framework

# Design solutions for implementing and governing security by using Azure landing zones

# Design a DevSecOps process that aligns with best practices in the Microsoft Cloud Adoption Framework (CAF)

Design security operations, identity, and compliance capabilities (25–30%)

Design solutions for security operations

# Design a solution for detection and response that includes extended detection and response (XDR) and security information and event management (SIEM)

# Design a solution for centralized logging and auditing, including Microsoft Purview Audit

# Design monitoring to support hybrid and multi-cloud environments

# Design a solution for security orchestration automated response (SOAR), including Microsoft Sentinel and Microsoft Defender XDR

# Design and evaluate security workflows, including incident response, threat hunting, and incident management

# Design and evaluate threat detection coverage by using MITRE ATT&CK matrices, including Cloud, Enterprise, Mobile, and ICS

Design solutions for identity and access management

# Design a solution for access to software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), hybrid/on-premises, and multi-cloud resources, including identity, networking, and application controls

# Design a solution for Microsoft Entra ID, including hybrid and multi-cloud environments

# Design a solution for external identities, including business-to-business (B2B), business-to-customer (B2C), and decentralized identity

# Design a modern authentication and authorization strategy, including Conditional Access, continuous access evaluation, risk scoring, and protected actions

# Validate the alignment of Conditional Access policies with a Zero-Trust strategy

# Specify requirements to harden Active Directory Domain Services (AD DS)

# Design a solution to manage secrets, keys, and certificates

Design solutions for securing privileged access

# Design a solution for assigning and delegating privileged roles by using the enterprise access model

# Evaluate the security and governance of Microsoft Entra ID, including Microsoft Entra Privileged Identity Management (PIM), entitlement management, and access reviews

# Evaluate the security and governance of on-premises Active Directory Domain Services (AD DS), including resilience to common attacks

# Design a solution for securing the administration of cloud tenants, including SaaS and multi-cloud infrastructure and platforms

# Design a solution for cloud infrastructure entitlement management (CIEM) that includes Microsoft Entra Permissions Management

# Evaluate an access review management solution that includes Microsoft Entra Permissions Management

# Design a solution for Privileged Access Workstation (PAW), including remote access

Design solutions for regulatory compliance

# Translate compliance requirements into security controls

# Design a solution to address compliance requirements by using Microsoft Purview

# Design a solution to address privacy requirements, including Microsoft Priva

# Design Azure Policy solutions to address security and compliance requirements

# Evaluate and validate alignment with regulatory standards and benchmarks by using Microsoft Defender for Cloud

Design security solutions for infrastructure (25–30%)

Design solutions for security posture management in hybrid and multi-cloud environments

# Evaluate security posture by using Microsoft Defender for Cloud, including the Microsoft Cloud Security Benchmark (MCSB)

# Evaluate security posture by using Microsoft Secure Score

# Design integrated security posture management solutions that include Microsoft Defender for Cloud in hybrid and multi-cloud environments

# Select cloud workload protection solutions in Microsoft Defender for Cloud

# Design a solution for integrating hybrid and multi-cloud environments by using Azure Arc

# Design a solution for Microsoft Defender External Attack Surface Management (Defender EASM)

# Specify requirements and priorities for a posture management process that uses Exposure Management attack paths, attack surface reduction, security insights, and initiatives

Specify requirements for securing server and client endpoints

# Specify security requirements for servers, including multiple platforms and operating systems

# Specify security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration

# Specify security requirements for IoT devices and embedded systems

# Evaluate solutions for securing operational technology (OT) and industrial control systems (ICS) by using Microsoft Defender for IoT

# Specify security baselines for server and client endpoints

# Evaluate Windows Local Admin Password Solution (LAPS) solutions

Specify requirements for securing SaaS, PaaS, and IaaS services

# Specify security baselines for SaaS, PaaS, and IaaS services

# Specify security requirements for IoT workloads

# Specify security requirements for web workloads

# Specify security requirements for containers

# Specify security requirements for container orchestration

# Evaluate solutions that include Azure AI Services Security

Evaluate solutions for network security and Security Service Edge (SSE)

# Evaluate network designs to align with security requirements and best practices

# Evaluate solutions that use Microsoft Entra Internet Access as a secure web gateway

# Evaluate solutions that use Microsoft Entra Internet Access to access Microsoft 365, including cross-tenant configurations

# Evaluate solutions that use Microsoft Entra Private Access

Design security solutions for applications and data (20–25%)

Evaluate solutions for securing Microsoft 365

# Evaluate security posture for productivity and collaboration workloads by using metrics, including Microsoft Secure Score

# Evaluate solutions that include Microsoft Defender for Office and Microsoft Defender for Cloud Apps

# Evaluate device management solutions that include Microsoft Intune

# Evaluate solutions for securing data in Microsoft 365 by using Microsoft Purview

# Evaluate data security and compliance controls in Microsoft Copilot for Microsoft 365 services

Design solutions for securing applications

# Evaluate the security posture of existing application portfolios

# Evaluate threats to business-critical applications by using threat modeling

# Design and implement a full lifecycle strategy for application security

# Design and implement standards and practices for securing the application development process

  • DevSecOps controls

# Map technologies to application security requirements

# Design a solution for workload identity to authenticate and access Azure cloud resources

# Design a solution for API management and security

# Design solutions that secure applications by using Azure Web Application Firewall (WAF)

Design solutions for securing an organization’s data

# Evaluate solutions for data discovery and classification

# Specify priorities for mitigating threats to data

# Evaluate solutions for encryption of data at rest and in transit, including Azure KeyVault and infrastructure encryption

# Design a security solution for data in Azure workloads, including Azure SQL, Azure Synapse Analytics, and Azure Cosmos DB

# Design a security solution for data in Azure Storage

# Design a security solution that includes Microsoft Defender for Storage and Microsoft Defender for Databases

Microsoft Learn – Study Resources

To prepare for this exam, I use the new Microsoft Learn, a great resource that provides self-paced skills training on a variety of Azure security topics.

I highly recommend checking the following modules, including the ones from the SC-200 Microsoft Security Operations Analyst and the SC-300 Microsoft Identity and Access Administrator.

> SC-200: Mitigate threats using Microsoft Defender for Endpoint (10 modules)
> SC-200: Mitigate threats using Microsoft 365 Defender (8 modules)
> SC-200: Mitigate threats using Microsoft Defender for Cloud (5 modules)
> SC-200: Configure your Microsoft Sentinel environment (5 modules)

> SC-300: Implement an identity management solution (4 modules)
> SC-300: Implement an Authentication and Access Management solution (4 modules)
> SC-300: Implement Access Management for Apps (3 modules)
> SC-300: Plan and implement an identity governance strategy (4 modules)

> Learn: Build a cloud governance strategy on Azure
> Learn: Improve your cloud security posture with Microsoft Defender for Cloud
> Learn: Use a framework to identify threats and find ways to reduce or eliminate the risk
> Learn: Secure your Azure Storage account
> Learn: Secure your cloud apps and services with Microsoft Defender for Cloud Apps

SC-100 Official Learning Path

Updated on 08/05/2023 – The Microsoft learning team just put together a learning path dedicated to the SC-100 exam in a structured way to help you focus on the exam objectives.

I highly recommend checking the following modules for each exam topic on the SC-100 learning path:

1) SC-100: Design solutions that align with security best practices and priorities (5 Modules).

2) SC-100: Design security operations, identity, and compliance capabilities (5 Modules).

3) SC-100: Design security solutions for infrastructure (5 Modules).

4) SC-100: Design security solutions for applications and data (4 Modules).

SC-100 Case Studies

Check the following case studies that will help you to gain more practical security design and architectural experience. Those case studies were reorganized for the May 2023 exam content refresh.

Many of the case studies below are based on cybersecurity design challenges being faced by the fictional Tailwind Traders company.

In each case, the goal will be to understand the overall business objectives of the company and the specific requirements that need to be met, and then provide technical (security) capabilities or solution(s) that meet those requirements.

0) Case Study: Introduction

1) Case study: Design a Zero Trust solution
2) Case study: Architecture best practices
3) Case Study: Design solutions that align with the Cloud Adoption Framework (CAF)
4) Case study: Design solutions with best practices from MCRA and MCSB
5) Case study: Design a resiliency strategy for a ransomware attack

6) Case study: Evaluate regulatory compliance
7) Case study: Design an identity security solution
8) Case study: Design solutions for securing privileged access
9) Case study: Design solutions for security operations
10) Case study: Design solutions for securing Microsoft 365

11) Case study: Design solutions for securing applications
12) Case study: Design solutions for securing an organization’s data
13) Case study: Specify requirements for securing SaaS PaaS and IaaS services
14) Case study: Design solutions for security posture management and threat intelligence
15) Case study: Create a remote access and endpoint strategy

SC-100 Labs

The SC-100 exam does not contain any labs, however, it’s strongly recommended to explore the Microsoft security tools on your own.

You can get free Azure and M365 subscriptions and try out a few labs for the security technologies mentioned in this study guide.

You can refer to the related hands-on labs below developed by Microsoft product groups:

SC-100 Videos

If  you are interested in preparing for this exam using video training, then I highly recommend checking the following resources:

> Microsoft: Cybersecurity Reference Architectures (YouTube playlist).

> Pluralsight: Managing Security Operations in Microsoft Azure.

> LinkedIn Learning:

> Microsoft Press: I highly recommend checking the official SC-100 full exam course by Microsoft Press.

This Exam SC-100 Microsoft Cybersecurity Architect video is designed for cybersecurity architects responsible for designing and evolving the cybersecurity strategy to protect an organization’s mission and business processes across all aspects of the enterprise architecture.

Exam SC-100 Microsoft Cybersecurity Architect (Video)
Exam SC-100 Microsoft Cybersecurity Architect (Video)

This video focuses on the skills measured by the exam objectives:

  • Design a Zero-Trust strategy and architecture.
  • Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies.
  • Design security for infrastructure.
  • Design a strategy for data and applications.

SC-100 Exam Crash Course

Come join me to level up your security skills as a Microsoft Certified Cybersecurity Architect.

I am happy to share with you that I’ll be doing a live training course that covers the SC-100: Microsoft Cybersecurity Architect Expert certification exam. Passing this exam validates your skills to design a Zero Trust strategy and security architecture in a cloud and hybrid cloud context.

In four hours, I’ll cover every SC-100 exam objective, blending both theory and practice. The SC-100 exam’s core subject matter is unique in that it combines multiple security products-based focuses (Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Entra ID, Azure Policy, Microsoft Defender for Endpoint) with cloud security design and architecture.

Exam SC-100: Microsoft Cybersecurity Architect Crash Course
Exam SC-100: Microsoft Cybersecurity Architect Crash Course

You’ll learn how to map your subject matter knowledge and expertise to exam SC-100. How Microsoft assesses the learner’s knowledge and skills on the SC-100 exam and how the learner can best prepare for success.

Next, we will see how to use Microsoft Cybersecurity Reference Architectures (MCRA) to identify the security integration points in an architecture. Finally, we will see how to design a security strategy using Microsoft Azure security solutions.

Join my Exam SC-100: Microsoft Cybersecurity Architect Crash Course on July 30, 2024, from 4 to 8 p.m. Central European Time.

If you registered for the course and couldn’t attend, you can always come back and watch the recording at any time.

– Learners’ feedback –

Testimonial - Passing the SC-100 Certification Exam 1
Testimonial – Passing the SC-100 Certification Exam 1

I am so happy and grateful to share that students are finding my online training course useful to pass the SC-100 exam. Congratulations!

Testimonial - Passing the SC-100 Certification Exam 2
Testimonial – Passing the SC-100 Certification Exam 2

SC-100 Exam Readiness

The Microsoft Learn exam readiness is a team of experts who share valuable insights, techniques, and strategies to help you prepare effectively for your Microsoft Certification exam.

The comprehensive exam preparation videos will assist you in identifying the key areas of knowledge and skills assessed in the SC-100 exam, as well as guide you on how to allocate your study time efficiently. Each video segment below corresponds to a significant topic covered in the latest SC-100 exam, and the trainer highlights objectives that many test takers typically find challenging.

1) Exam Readiness VideoDesign solutions that align with security best practices and priorities.

2) Exam Readiness VideoDesign security operations, identity, and compliance capabilities.

3) Exam Readiness VideoDesign security solutions for infrastructure.

4) Exam Readiness VideoDesign security solutions for applications and data.

These videos include illustrative sample questions and detailed explanations of the answers. We recommend watching these videos once you have completed your training or gained some practice, although you are welcome to view them at any stage of your certification journey. Additionally, they provide additional resources to further aid you in your SC-100 exam preparation.

SC-100 Books

If  you are interested to prepare for this exam using books, then I highly recommend checking the following resources:

> Microsoft Press: Exam Ref SC-100 Microsoft Cybersecurity Architect by four team members of the Microsoft product group. Expected to be released by the end of January 2023.

Exam Ref SC-100 Microsoft Cybersecurity Architect
Exam Ref SC-100 Microsoft Cybersecurity Architect

> Packt Publishing: Microsoft Cybersecurity Architect Exam Ref SC-100 – Get certified with ease while learning how to develop highly effective cybersecurity strategies (Expected to be released by the end of January 2023) by fellow Microsoft MVP, Dwayne Natwick.

SC-100 Exam Dumps and Practice Test

If you wish to validate your skills before taking the real exam, I highly encourage you to check one of the following practice tests:

Measure-Up Practice Test

The SC-100: Microsoft Cybersecurity Architect practice test is designed to help you prepare for and pass the Microsoft SC-100 exam. The Measure-Up SC-100 Exam: Microsoft Cybersecurity Architect practice test is aimed at architects and security administrators who want to validate their CyberSecurity skills. You should know identity and access, platform protection, security operations, securing data, and securing applications.

This practice test contains 120 questions and covers the following exam objectives:

  • Design a Zero Trust strategy and architecture — (40 questions).
  • Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies — (28 questions).
  • Design security for infrastructure —( 28 questions).
  • Design a strategy for data and applications — (24 questions).

Pearson Practice Test

Prepare for Microsoft Exam SC-100 and demonstrate your mastery of designing and evolving cybersecurity strategy with two complete Pearson practice tests that include 120 unique questions. Exam SC-100 Microsoft Cybersecurity Architect validates your skills to design and evaluate cybersecurity strategies in Zero Trust strategy, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications.

Exam SC-100 Microsoft Cybersecurity Architect (Pearson Practice Test)
Exam SC-100 Microsoft Cybersecurity Architect (Pearson Practice Test)

This integrated learning practice test:

  • Includes 60 unique questions in each practice test authored by experts, mapped to domains of Exam SC-100.
  • Provides you with tricks to memorize the concepts as you work on Exam SC-100 practice test questions.
  • Enables you to focus on individual topic areas or take complete, timed exams (120 min to answer 60 questions) in both study and exam practice modes so that you get familiar with Exam SC-100 format, style, and difficulty.
  • Includes a flash card feature that strengthens your preparation for Exam SC-100.
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your Exam SC-100 knowledge areas to help you focus your study where it is needed most.

Instructor-led SC-100T00 Course

Last but certainly not least, if you prefer instructor-led training, Microsoft released the SC-100T00 4-day course. This course prepares students with the background to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS).

If you prefer to prepare for this exam with Microsoft MCT instructor-led virtual training, you can get in contact with me here.

Lessons Learned

Is the SC 100 hard?

I think there is a perception that Architecture is “just drawing” on a whiteboard; however, this exam went into lots of topics around tooling, strategy, Zero Trust, and Security Operations.

Most questions I saw in the exam covered general availability (GA) features. However, the exam may contain questions on Preview features if Microsoft sees that those features are commonly used.

Read, read, and read… I cannot stress enough that understanding all the security concepts in Microsoft 365 Defender, Azure, and Microsoft Entra ID will help you pass this exam. The key to success in passing this exam is to work with Azure security solutions regularly, especially Microsoft Defender for Cloud and Microsoft Entra ID.

The biggest subjects and topics that I saw on the SC-100 exam are the following:

  • Microsoft Entra ID (formerly Azure AD)
    • Identity Governance
      • Privileged Identity Management (PIM)
      • Access Packages and Access Reviews
  • Microsoft Entra Identity Protection
  • Azure Active Directory Domain Services (Azure AD DS)
  • Zero Trust / Azure Landing Zone security
  • Microsoft Entra Application Proxy
  • Azure Bastion
  • Azure Policy
  • Secure Azure Storage accounts
    • Shared access signature (SAS)
    • Blob public access / Storage account key access
    • Customer-managed keys for Azure Storage Encryption
  • Azure SQL / Azure SQL Managed Instance Security
    • Dynamic data masking
    • Encrypt a Column of Data
    • Data encryption with customer-managed keys
  • Private Endpoints
  • Microsoft Sentinel
    • Send Sentinel logs to Splunk
    • Manage Microsoft Sentinel workspaces at scale with Azure Lighthouse
    • Workspace region and compliance considerations
  • Microsoft 365 Defender
  • Microsoft Defender for Cloud Apps
  • Microsoft Defender for Endpoint
    • Web content filtering
  • Microsoft Defender for Cloud
    • Secure Storage Accounts
    • Vulnerability assessment
    • Security Recommendations (Restrict unauthorized network access / Enable endpoint protection)
    • Regulatory Compliance (ISO 27001:2013)
    • Defender for Servers
    • Defender for Containers
    • Protect AWS EC2 instances
  • Secure Web Apps (App Service) with Azure Front Door
  • Secure access to CosmosDB from the App Service
  • Azure Application Gateway v2 with Web Application Firewall (WAF)

What made the SC-100 exam difficult in my opinion was not technical complexity. This was one of the less technical Microsoft certification exams that I’ve ever taken. Instead, the complexity was the sheer volume of Microsoft cloud security products you need to recognize.

Because the job role here is “Cybersecurity Architect,” the exam is not concerned with step-by-step procedures or how-to type of questions. Instead, you choose which Azure services are best for particular workloads.

On the SC-100 exam, you should expect to see a large number of architectural diagrams and asked questions requiring you to interpret them and make recommendations. To be successful here, you must be aware of all the Azure and Microsoft 365 products by name and core functionality.

Overall, I think Microsoft Worldwide Learning is doing a good job of gradually shaping these exams to reflect real-world Azure security best practice scenarios. The SC-100 exam is logically organized and focused solely on security and design using Microsoft 365 Defender, Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft Entra Identity Governance, and Azure Security in general.

In summary, the exam indeed covers lots of different security topics across Azure, Microsoft Entra ID, and Microsoft 365 services – but it does not go deep. You need to have a pretty good idea of which security technologies solve which types of problems.

Topics such as risk management, organizational requirements, security-related processes, or active threat hunting (to name a few) are mostly missing. I would recommend this exam for everyone who is working in the Azure and Microsoft 365 space.

Schedule SC-100 Exam

Updated – 07/04/2022, Microsoft launched the SC-100 exam in beta mode; if you want to take the beta exam and receive the 80% discount* (first 300 people), use the code below when prompted for payment. This is not a private access code. The SC-100 exam is out of the Beta phase and is now generally available. The beta code below is NOT available anymore.

SC100ARCH

You must register for the exam on or before May 5th, 2022. The seats are offered on a first-come, first-served basis. Please note that this beta exam is NOT available in Turkey, Pakistan, India, or China.

Once you are ready, click Schedule exam here and take it online from the comfort of your home/office with proctor supervision.

Exam SC-100: Microsoft Cybersecurity Architect
Exam SC-100: Microsoft Cybersecurity Architect

Other Microsoft Azure Exam Study Guides

Are you interested in another Azure certification exam? I highly encourage you to check out the following Azure exam study guides:

If you are planning to take the SC-100 exam… I wish you all the best and Happy Studying!!!

__
Thank you for reading my blog.

If you have any questions or feedback, please leave a comment.

-Charbel Nemnom-

Previous

AZ-720 Study Guide: Troubleshooting Microsoft Azure Connectivity

How Azure Stack HCI is Forcing Changes in your Datacenter

Next

15 thoughts on “SC-100 Study Guide: Microsoft Cybersecurity Architect”

Leave a comment...

  9. Thank you Konstantin for your comment and for sharing your feedback, much appreciated!
    I am so happy and grateful to hear that the materials shared here were helpful to you.
    Good luck with the results!
    All the best,

  10. Hi Charbel, this is a fantabulous and eye-opening blog. Very insightful, helpful, and guiding professionals in the right way. Much appreciate your efforts.
    Which third-party training program would you suggest for SC 100 apart from Microsoft Docs and videos? For an instance would you say Pluralsight or something else?

  11. Hello Sathya, thanks for the comment and feedback, much appreciated!
    At the time of this writing, there is no third-party training program that released official training for the SC-100 exam.
    However, I would pick one of the well-known third-party providers such as LinkedIn, Microsoft Press, and Pluralsight.
    Additionally, I am preparing for live training for the SC-100 exam in November 2022, you can register here if you are interested.
    Thank You!

  12. Hello, we have published the new Microsoft Learn learning paths to be used in preparing for SC-100. The previous learning paths posted on the exam page were temporary.

    https://docs.microsoft.com/en-us/learn/paths/sc-100-design-zero-trust-strategy-architecture
    https://docs.microsoft.com/en-us/learn/paths/sc-100-evaluate-governance-risk-compliance
    https://docs.microsoft.com/en-us/learn/paths/sc-100-design-security-for-infrastructure/
    https://docs.microsoft.com/en-us/learn/paths/sc-100-design-strategy-for-data-applications/

    We would love to hear your feedback on the prep materials. Feel free to reach out to me personally with any recommendations.

  13. Hello Hassan, thank you for reaching out and sharing the new update!
    I’ve updated the study guide to include the new Microsoft Learn learning paths to be used in preparing for the SC-100 exam.
    I will check them and reach out to you.

  14. Passed SC-100 yesterday with 742 marks. Thanks, Charbel. This page was useful. The majority of questions were on identity strategy.

  15. Thank you, Imran, for the comment and for sharing your experience!
    I am happy to hear that you passed the SC-100 exam and my study guide helped you.
    All the best,

Let us know what you think, or ask a question...