Microsoft Cybersecurity Architect (SC-100) – Study Plan

Topics

• SC-100 exam domains (Zero Trust, security posture, incident response, compliance)
• Microsoft Security portfolio (Defender, Sentinel, Entra ID, Purview)
• Zero Trust principles (verify explicitly, least privilege, assume breach)

Activities

• Review the official SC-100 study guide.
• Explore Microsoft’s Zero Trust maturity model.
• Take ExamOS Rookie mode quiz (30 questions) on foundational concepts.
• Note weak domains.

Topics

• Microsoft Entra ID (Azure AD) – identity governance, Conditional Access
• Privileged Identity Management (PIM) and Identity Protection
• External identities (B2B, B2C)
• Zero Trust identity posture assessment

Activities

• Design a Conditional Access policy for a remote workforce.
• Configure PIM for a sample admin role.
• Take ExamOS Challenger mode quiz on Identity & Zero Trust.

Topics

• Microsoft Defender for Endpoint (MDE) – attack surface reduction, EDR
• Defender for Cloud Apps (CASB)
• Microsoft Purview (data classification, DLP, insider risk)
• Information protection and encryption

Activities

• Create a data loss prevention (DLP) policy in Purview.
• Review Defender for Endpoint threat analytics.
• Take ExamOS Challenger mode quiz on Endpoint & Data.

Topics

• Azure network security (NSGs, Azure Firewall, DDoS protection)
• Private access (Azure Private Link, VPN, ExpressRoute)
• Microsegmentation and just‑in‑time access
• Defender for Cloud workload protection

Activities

• Design a hub‑and‑spoke network with security controls.
• Implement just‑in‑time VM access in Defender for Cloud.
• Take ExamOS Challenger mode quiz on Network & Infrastructure.

Topics

• Microsoft Sentinel (SIEM/SOAR) – data ingestion, analytics rules, playbooks
• Incident response lifecycle (detect, investigate, respond, recover)
• Threat hunting with KQL (Kusto Query Language)
• Integration with Microsoft 365 Defender

Activities

• Create a custom analytics rule in Sentinel.
• Build a playbook using Logic Apps.
• Take ExamOS Challenger mode quiz on SecOps.

Topics

• Microsoft Purview compliance (Compliance Manager, Insider Risk)
• Azure Policy, Blueprints, and Management Groups
• Regulatory standards (GDPR, ISO 27001, NIST)
• Compliance score and improvement actions

Activities

• Assess a sample environment’s compliance posture.
• Apply an Azure Policy initiative.
• Take ExamOS Challenger mode quiz on Compliance & Governance.

Topics

• STRIDE and OCTAVE methodologies
• Architecture threat modelling for Azure and Microsoft 365
• Reviewing security controls (preventive, detective, corrective)
• Security recommendations from Microsoft (Well‑Architected Framework)

Activities

• Perform a threat model for a sample web application.
• Map mitigations to Microsoft security services.
• Take ExamOS Challenger mode quiz on Threat Modelling.

Topics

• Cloud adoption framework (CAF) security
• Migrating workloads with Azure Migrate, Defender for Cloud
• Hybrid identity (Entra AD Connect, PTA, federation)
• Extending security to on‑premises and other clouds

Activities

• Design a hybrid identity solution for a merger.
• Plan a security migration from on‑prem to Azure.
• Take ExamOS Challenger mode quiz on Migration & Hybrid.

Topics

• Full syllabus review (all domains)
• Time management for 60 questions (120 minutes)

Activities

• Take ExamOS Challenger mode full quizzes (at least 3).
• Review every incorrect answer; study the explanation.
• Identify weak domains and retake targeted quizzes (premium “Focus mode”).
• Repeat until you pass 3 Challenger quizzes in a row.

Topics

• Realistic exam simulation (60 questions, 120 minutes)
• Case study design questions

Activities

• Take ExamOS Legend mode full quizzes (at least 3).
• Simulate the full 120‑minute exam.
• Review every incorrect answer.
• Once you pass Legend mode twice in a row, schedule your real exam.