SC-100T00 – Microsoft Cybersecurity Architect

Course Duration

4 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Candidates should hold an Associate-level Microsoft security certification such as AZ-500, SC-200, or SC-300, or have equivalent hands-on experience in cybersecurity architecture and Azure security.

Course Description

This Expert-level course prepares senior security professionals to design and evaluate cybersecurity strategy across enterprise environments. Covering Zero Trust architecture, security operations, identity, compliance, data, application, and infrastructure security, this course addresses the full scope of the SC-100 exam. Participants will learn to translate business requirements into technical security solutions, assess security posture, and advise executive leadership on risk and governance. Ideal for DoD and federal security architects, ISSMs, and senior engineers moving into an architect role.

Learning Objectives

• Design a Zero Trust strategy and architecture aligned with organizational requirements
• Evaluate and design a security operations strategy including logging, SIEM, and SOAR
• Design an identity security strategy using Azure Active Directory and hybrid identity
• Evaluate regulatory compliance strategies against GRC frameworks including NIST, FedRAMP, and CMMC
• Assess and improve security posture using Microsoft Defender for Cloud and Secure Score
• Design security for infrastructure including servers, containers, and hybrid environments
• Design a security strategy for applications including DevSecOps and API protection
• Design a data security strategy covering classification, protection, and governance
• Recommend security best practices using Microsoft Cybersecurity Reference Architectures (MCRA)
• Translate business risk requirements into actionable technical security architecture

Course Outline

Module 1 – BUILD AN OVERALL SECURITY STRATEGY AND ARCHITECTURE

• Introduction to Zero Trust and best practice frameworks
• Design solutions that align with the Cloud Adoption Framework and Well-Architected Framework
• Design solutions that align with Microsoft Cybersecurity Reference Architectures (MCRA)
• Translate business goals into security requirements
• Design a resiliency strategy for ransomware and other attacks
• Design a security strategy for hybrid and multi-cloud environments

Module 2 – DESIGN A SECURITY OPERATIONS STRATEGY

• Design a security operations strategy for logging and auditing
• Design a security operations strategy for SIEM and SOAR using Microsoft Sentinel
• Design a security operations strategy for incident management
• Design a security operations strategy for monitoring hybrid and multi-cloud environments
• Design a strategy for security workflow automation

Module 3 – DESIGN AN IDENTITY SECURITY STRATEGY

• Design a strategy for access to cloud resources
• Recommend an identity store for security
• Recommend a secure authentication strategy
• Recommend a secure authorization strategy
• Design a strategy for conditional access and identity protection
• Design a strategy for privileged access and role assignments
• Design a security strategy for hybrid and external identities

Module 4 – EVALUATE REGULATORY COMPLIANCE

• Interpret compliance requirements and translate into technical controls
• Evaluate compliance using Microsoft Defender for Cloud
• Evaluate privacy requirements
• Address compliance requirements using Azure Policy
• Evaluate infrastructure compliance using Microsoft Defender for Cloud
• Design a data residency strategy
• Translate privacy requirements into controls for data and applications

Module 5 – EVALUATE SECURITY POSTURE AND RECOMMEND TECHNICAL STRATEGIES

• Evaluate security posture using benchmarks and MCSB
• Evaluate security posture using Microsoft Defender for Cloud
• Evaluate security posture of cloud workloads
• Evaluate external attack surface using Microsoft Defender External Attack Surface Management
• Assess organizational security hygiene using Secure Score
• Review security posture for on-premises and hybrid environments
• Design technical security improvements

Module 6 – DESIGN SECURITY FOR INFRASTRUCTURE

• Design a security strategy for endpoint security
• Design a strategy for server and client endpoint security
• Design security for OT and IoT workloads
• Design a security baseline strategy for server workloads
• Design a security strategy for containers and container orchestration

Module 7 – DESIGN A STRATEGY FOR DATA AND APPLICATIONS

• Design an application security strategy
• Prioritize threats using threat modeling
• Design a security lifecycle strategy for applications
• Secure access to workloads using identity-based security controls
• Design a DevSecOps strategy
• Design a data security strategy
• Design a strategy for data classification and labeling
• Design a strategy for data encryption at rest and in transit

Frequently Asked Questions