Microsoft Cybersecurity Architect (SC-100) Practice Exam
- Test Code:1121-P
- Availability:In Stock
-
$7.99
- Ex Tax:$7.99
Microsoft Cybersecurity Architect (SC-100) Practice Exam
The Microsoft Cybersecurity Architect (SC-100) certification validates your ability to design, implement, and manage comprehensive security solutions for organizations leveraging Microsoft Azure and related technologies. This globally recognized credential equips you with the knowledge and skills to:
Who should consider this Certification:
- Cloud security architects: Enhance your expertise in designing and implementing secure Microsoft cloud solutions.
- IT security professionals: Broaden your knowledge of Microsoft security solutions and apply them to your existing security architecture.
- Security-minded individuals seeking career advancement: Stand out in the job market by demonstrating your proficiency in Microsoft security architecture.
Key Roles and Responsibilities:
- Design secure cloud solutions: Translate business security requirements into secure cloud architecture blueprints using Microsoft Azure services.
- Implement security controls: Select and implement appropriate security controls based on risk assessments and industry best practices.
- Manage identity and access: Design and configure secure identity and access management solutions using Azure Active Directory and other relevant services.
- Protect data and applications: Implement security measures to protect data at rest, in transit, and in use across different platforms and applications.
- Respond to security incidents: Develop and implement security incident response procedures and leverage Azure security tools for investigation and remediation.
- Maintain security posture: Continuously monitor security posture, identify vulnerabilities, and implement ongoing security improvements.
Exam Details:
- Format: Multiple-choice questions and case studies
- Time Limit: 150 minutes
- Languages: English, Japanese, Korean, Simplified Chinese, Spanish
- Passing Score: 70%
Course Outline
Domain 1 - Understanding to Design solutions that align with security best practices and priorities (20–25%)
1.1 Designing a resiliency strategy for ransomware and other attacks based on Microsoft Security Best Practices
- Learning to Design a security strategy to support business resiliency goals, including identifying and prioritizing threats to business-critical assets
- Learning to Design solutions that align with Microsoft ransomware best practices, including backup, restore, and privileged access
- Learning to Design configurations for secure backup and restore by using Azure Backup for hybrid and multicloud environments
- Learning to Design solutions for security updates
1.2 Designing solutions that align with the Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft cloud security benchmark (MCSB)
- Learning to Design solutions that align with best practices for cybersecurity capabilities and controls
- Learning to Design solutions that align with best practices for protecting against insider and external attacks
- Learning to Design solutions that align with best practices for Zero Trust security, including the Zero Trust Rapid Modernization Plan
1.3 Designing solutions that align with the Microsoft Cloud Adoption Framework for Azure and the Azure Well-Architected Framework
- Learning to Design a new or evaluate an existing strategy for security and governance based on the CAF and the Well-Architected Framework
- Learning to Recommend solutions for security and governance based on the the Microsoft Cloud Adoption Framework for Azure and the Well-Learning to Architected Framework
- Learning to Design solutions for implementing and governing security by using an Azure landing zone
- Learning to Design a DevSecOps process
Domain 2 - Understanding to Design security operations, identity, and compliance capabilities (30–35%)
2.1 Designing solutions for security operations
- Learning to Develop security operations capabilities to support a hybrid or multicloud environment
- Learning to Design a solution for centralized logging and auditing
- Learning to Design a solution for security information and event management (SIEM), including Microsoft Sentinel
- Learning to Design a solution for detection and response that includes extended detection and response (XDR)
- Learning to Design a solution for security orchestration automated response (SOAR), including Microsoft Sentinel and Microsoft Defender
- Learning to Design and evaluate security workflows, including incident response, threat hunting, incident management, and threat intelligence
- Learning to Design and evaluate threat detection coverage by using MITRE ATT&CK
2.2 Designing solutions for identity and access management
- Learning to Design a solution for access to software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), hybrid/on-premises, and multicloud resources, including identity, networking, and application controls
- Learning to Design a solution for Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra, including hybrid and multicloud environments
- Learning to Design a solution for external identities, including B2B, B2C, and decentralized identities
- Learning to Design a modern authentication and authorization strategy, including Conditional Access, continuous access evaluation, threat intelligence integration, and risk scoring
- Learning to Validate the alignment of Conditional Access policies with a Zero Trust strategy
- Learning to Specify requirements to secure Active Directory Domain Services (AD DS)
- Learning to Design a solution to manage secrets, keys, and certificates
2.3 Designing solutions for securing privileged access
- Learning to Design a solution for assigning and delegating privileged roles by using the enterprise access model
- Learning to Design an identity governance solution, including Privileged Identity Management (PIM), Privileged Access Management (PAM), privileged entitlement management, and access reviews
- Learning to Design a solution for securing the administration of cloud tenants, including SaaS and multicloud infrastructure and platforms
- Learning to Design a solution for cloud infrastructure entitlement management that includes Microsoft Entra Permissions Management
- Learning to Design a solution for Privileged Access Workstation (PAW) and bastion services
2.4 Designing solutions for regulatory compliance
- Learning to Translate compliance requirements into a security solution
- Learning to Design a solution to address compliance requirements by using Microsoft Purview risk and compliance solutions
- Learning to Design a solution to address privacy requirements, including Microsoft Priva
- Learning to Design Azure Policy solutions to address security and compliance requirements
- Learning to Evaluate infrastructure compliance by using Microsoft Defender for Cloud
Domain 3 - Understanding to Design security solutions for infrastructure (20–25%)
3.1 Designing solutions for security posture management in hybrid and multicloud environments
- Learning to Evaluate security posture by using MCSB
- Learning to Evaluate security posture by using Defender for Cloud
- Learning to Evaluate security posture by using Microsoft Secure Score
- Learning to Design integrated security posture management and workload protection solutions in hybrid and multicloud environments, including Defender for Cloud
- Learning to Design cloud workload protection solutions that use Defender for Cloud, such as Microsoft Defender for Servers, Microsoft Defender for App Service, and Microsoft Defender for SQL
- Learning to Design a solution for integrating hybrid and multicloud environments by using Azure Arc
- Learning to Design a solution for Microsoft Defender External Attack Surface Management (Defender EASM)
3.2 Designing solutions for securing server and client endpoints
- Learning to Specify security requirements for servers, including multiple platforms and operating systems
- Learning to Specify security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
- Learning to Specify security requirements for IoT devices and embedded systems
- Learning to Design a solution for securing operational technology (OT) and industrial control systems (ICS) by using Microsoft Defender for IoT
- Learning to Specify security baselines for server and client endpoints
- Learning to Design a solution for secure remote access
3.3 Specifying requirements for securing SaaS, PaaS, and IaaS services
- Learning to Specify security baselines for SaaS, PaaS, and IaaS services
- Learning to Specify security requirements for IoT workloads
- Learning to Specify security requirements for web workloads, including Azure App Service
- Learning to Specify security requirements for containers
- Learning to Specify security requirements for container orchestration
Domain 4 - Understanding to Design security solutions for applications and data (20–25%)
4.1 Designing solutions for securing Microsoft 365
- Learning to Evaluate security posture for productivity and collaboration workloads by using metrics, including Secure Score and Defender for Cloud secure score
- Learning to Design a Microsoft 365 Defender solution
- Learning to Design secure configurations and operational practices for Microsoft 365 workloads and data
4.2 Designing solutions for securing applications
- Learning to Evaluate the security posture of existing application portfolios
- Learning to Evaluate threats to business-critical applications by using threat modeling
- Learning to Design and implement a full lifecycle strategy for application security
- Learning to Design and implement standards and practices for securing the application development process
- Learning to Map technologies to application security requirements
- Learning to Design a solution for workload identity to authenticate and access Azure cloud resources
- Learning to Design a solution for API management and security
- Learning to Design a solution for secure access to applications, including Azure Web Application Firewall (WAF) and Azure Front Door
4.2 Designing solutions for securing an organization's data
- Learning to Design a solution for data discovery and classification by using Microsoft Purview data governance solutions
- Learning to Specify priorities for mitigating threats to data
- Learning to Design a solution for protection of data at rest, data in motion, and data in use
- Learning to Design a security solution for data in Azure workloads, including Azure SQL, Azure Synapse Analytics, and Azure Cosmos DB
- Learning to Design a security solution for data in Azure Storage
- Learning to Design a security solution that includes Microsoft Defender for Storage and Microsoft Defender for SQL