Cart 0

Microsoft Cybersecurity Architect (SC-100)

Course 8671
4 DAY COURSE
Price:
Course Outline

This is an advanced, expert-level course. This Microsoft Cybersecurity Architect (SC-100) course prepares students with the expertise to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS).

Although not required to attend, students are strongly encouraged to have taken and passed another associate-level certification in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300) before attending this class. 

Microsoft Cybersecurity Architect (SC-100) Benefits

  • Benefits of Attending

    • Gain hands-on experience with CAF, WAF, MCRA, and MCSB.
    • Build a modern, proactive security posture across your organization.
    • Learn how to defend against ransomware, insider risks, and supply chain attacks.
    • Apply strategies for SaaS, PaaS, IaaS, hybrid, and multicloud workloads.
    • Translate regulatory requirements into practical security solutions.
    • Design protections for identities, endpoints, applications, networks, and data.
    • Test your skills through interactive case studies based on real-world scenarios.

  • Prerequisites

    Before attending this SC-100 course, students must have:

    • Highly recommended to have attended and passed one of the associate-level certifications in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300).
    • Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications.
    • Experience with hybrid and cloud implementations.

  • Exam Information

    This course can help you prepare for the following Microsoft role-based certification exam — Microsoft Exam SC-100: Microsoft Cybersecurity Architect.

Microsoft Cybersecurity Architect Course Outline

Learning Objectives

Introduction to Zero Trust and Best Practice Frameworks

  • Introduction to best practices
  • Introduction to Zero Trust
  • Zero Trust initiatives
  • Zero Trust technology pillars (Part 1)
  • Zero Trust technology pillars (Part 2)

Design Security Solutions that Align with CAF and WAF

  • Define a security strategy
  • Cloud Adoption Framework secure methodology
  • Azure Landing Zones and security design
  • Well-Architected Framework and the security pillar

Design Solutions that Align with MCRA and MCSB

  • Microsoft Cybersecurity Reference Architecture and Cloud Security Benchmark
  • Design solutions with best practices for capabilities and controls
  • Protect against insider, external, and supply chain attacks

Design a Resiliency Strategy for Ransomware and Other Attacks

  • Common cyberthreats and attack patterns
  • Support business resiliency
  • Mitigate ransomware with BCDR and privileged access
  • Design solutions for secure backup and restore
  • Evaluate solutions for security updates

Design Solutions for Regulatory Compliance

  • Translate compliance requirements into security controls
  • Address compliance with Microsoft Purview
  • Address privacy requirements with Microsoft Priva
  • Address compliance and security with Azure Policy
  • Validate alignment with standards using Microsoft Defender for Cloud

Design Solutions for Identity and Access Management

  • Design cloud, hybrid, and multicloud access strategies (including Microsoft Entra ID)
  • Design a solution for external identities
  • Design authentication and authorization strategies
  • Align conditional access with Zero Trust
  • Harden Active Directory Domain Services (AD DS)
  • Manage secrets, keys, and certificates

Design Solutions for Securing Privileged Access

  • The enterprise access model
  • Evaluate Microsoft Entra ID security and governance
  • Secure tenant administration
  • Privileged access workstations and bastion services
  • Access review management solutions
  • Secure on-premises AD DS against common attacks

Design Solutions for Security Operations

  • Design monitoring for hybrid and multicloud environments
  • Centralized logging and auditing (including Purview Audit)
  • SIEM and XDR solutions
  • SOAR solutions
  • Security workflows: incident response, threat hunting, and management
  • Threat detection coverage with MITRE ATT&CK matrices

Interactive Case Study – Modernizing Identity and Data Security

  • Apply architect skills to an identity and data security scenario
  • Analyze requirements, answer conceptual and technical questions
  • Design a solution to meet business needs

Interactive Case Study – Modernizing User Access Control and Threat Resilience

  • Apply architect skills to an access control and resilience scenario
  • Analyze requirements, answer conceptual and technical questions
  • Design a solution to meet business needs

Design Solutions for Securing Microsoft 365

  • Evaluate security posture for Exchange, SharePoint, OneDrive, and Teams
  • Design a Microsoft Defender XDR solution
  • Design operational practices for Microsoft 365
  • Evaluate data security and compliance in Microsoft Copilot for Microsoft 365
  • Secure data with Microsoft Purview

Design Solutions for Securing Applications

  • Standards for secure application development
  • Evaluate application portfolio security posture
  • Application threat modeling
  • Security lifecycle strategy for applications
  • Secure workload identities
  • API management and security
  • Secure access to applications

Design Solutions for Securing an Organization’s Data

  • Solutions for data discovery and classification
  • Encryption at rest and in transit (Azure Key Vault, infrastructure encryption)
  • Data security for Azure workloads and storage
  • Security with Microsoft Defender for SQL and Defender for Storage

Interactive Case Study – Securing Apps and Data

  • Apply architect skills to an app and data security scenario
  • Analyze requirements, answer conceptual and technical questions
  • Design a solution to meet business needs

Specify Requirements for Securing SaaS, PaaS, and IaaS Services

  • Security baselines for SaaS, PaaS, and IaaS
  • Security for IoT workloads
  • Security for web workloads
  • Security for containers and orchestration
  • Evaluate AI services security

Design Solutions for Security Posture Management in Hybrid and Multicloud Environments

  • Evaluate posture with Microsoft Cloud Security Benchmark
  • Design integrated posture management and workload protection
  • Evaluate posture with Microsoft Defender for Cloud (secure score)
  • Cloud workload protection with Microsoft Defender for Cloud
  • Integrate environments with Azure Arc
  • External attack surface management
  • Exposure management attack paths

Design Solutions for Securing Server and Client Endpoints

  • Server security requirements
  • Mobile and client device security
  • IoT and embedded device security
  • Secure OT and ICS with Microsoft Defender for IoT
  • Baselines for server and client endpoints
  • Secure remote access
  • Windows LAPS solutions

Design Solutions for Network Security

  • Network segmentation
  • Traffic filtering with NSGs
  • Network posture management
  • Network monitoring
  • Solutions with Microsoft Entra Internet Access
  • Solutions with Microsoft Entra Private Access

Interactive Case Study – Securing Endpoints and Infrastructure

  • Apply architect skills to endpoint and infrastructure security
  • Analyze requirements, answer conceptual and technical questions

Design a solution to meet business needs

Course Dates
Attendance Method
Additional Details (optional)