SC-100T00 Microsoft Cybersecurity Architect training course

1 — Introduction to Zero Trust and best practice frameworks

• Zero Trust initiatives
• Zero Trust technology pillars part 1
• Zero Trust technology pillars part 2

2 — Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)

• Define a security strategy
• Cloud Adoption Framework secure methodology
• Design security with Azure Landing Zones
• The Well-Architected Framework security pillar

3 — Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)

• Design solutions with best practices for capabilities and controls
• Design solutions with best practices for attack protection

4 — Design a resiliency strategy for common cyberthreats like ransomware

• Common cyberthreats and attack patterns
• Support business resiliency
• Ransomware protection
• Configurations for secure backup and restore
• Security updates

5 — Case study: Design solutions that align with security best practices and priorities

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough

6 — Design solutions for regulatory compliance

• Translate compliance requirements into a security solution
• Address compliance requirements with Microsoft Purview
• Address privacy requirements with Microsoft Priva
• Address security and compliance requirements with Azure policy
• Evaluate infrastructure compliance with Defender for Cloud

7 — Design solutions for identity and access management

• Design cloud, hybrid and multicloud access strategies (including Microsoft Entra ID)
• Design a solution for external identities
• Design modern authentication and authorization strategies
• Align conditional access and Zero Trust
• Specify requirements to secure Active Directory Domain Services (AD DS)
• Design a solution to manage secrets, keys, and certificates

8 — Design solutions for securing privileged access

• The enterprise access model
• Design identity governance solutions
• Design a solution to secure tenant administration
• Design a solution for cloud infrastructure entitlement management (CIEM)
• Design a solution for privileged access workstations and bastion services

9 — Design solutions for security operations

• Design security operations capabilities in hybrid and multicloud environments
• Design centralized logging and auditing
• Design security information and event management (SIEM) solutions
• Design solutions for detection and response
• Design a solution for security orchestration, automation, and response (SOAR)
• Design security workflows
• Design threat detection coverage

10 — Case study: Design security operations, identity and compliance capabilities

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough

11 — Design solutions for securing Microsoft 365

• Evaluate security posture for collaboration and productivity workloads
• Design a Microsoft Defender XDR solution
• Design configurations and operational practices for Microsoft 365

12 — Design solutions for securing applications

• Design and implement standards to secure application development
• Evaluate security posture of existing application portfolios
• Evaluate application threats with threat modeling
• Design security lifecycle strategy for applications
• Secure access for workload identities
• Design a solution for API management and security
• Design a solution for secure access to applications

13 — Design solutions for securing an organization's data

• Design a solution for data discovery and classification using Microsoft Purview
• Design a solution for data protection
• Design data security for Azure workloads
• Design security for Azure Storage
• Design a security solution with Microsoft Defender for SQL and Microsoft Defender for Storage

14 — Case study: Design security solutions for applications and data

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough

15 — Specify requirements for securing SaaS, PaaS, and IaaS services

• Specify security baselines for SaaS, PaaS, and IaaS services
• Specify security requirements for web workloads
• Specify security requirements for containers and container orchestration

16 — Design solutions for security posture management in hybrid and multicloud environments

• Evaluate security posture by using Microsoft Cloud Security Benchmark
• Design integrated posture management and workload protection
• Evaluate security posture by using Microsoft Defender for Cloud
• Posture evaluation with Microsoft Defender for Cloud secure score
• Design cloud workload protection with Microsoft Defender for Cloud
• Integrate hybrid and multicloud environments with Azure Arc
• Design a solution for external attack surface management

17 — Design solutions for securing server and client endpoints

• Specify server security requirements
• Specify requirements for mobile devices and clients
• Specify internet of things (IoT) and embedded device security requirements
• Secure operational technology (OT) and industrial control systems (ICS) with Microsoft Defender for IoT
• Specify security baselines for server and client endpoints
• Design a solution for secure remote access

18 — Design solutions for network security

• Design solutions for network segmentation
• Design solutions for traffic filtering with network security groups
• Design solutions for network posture management
• Design solutions for network monitoring

19 — Case study: Design security solutions for infrastructure

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough