SC-100 Exam Study Guide: Microsoft Cybersecurity Architect

Welcome to my SC-100 Exam Study Guide (Microsoft Cyber Security Architect exam). The purpose of the study guide is to help you study and gain the experience required to pursue and pass the SC-100 Exam and earn the Microsoft Certified: Cybersecurity Architect Expert certification. Below you will find various study materials and a solid study path to help you plan and take the SC-100 exam. 

About the SC-100 Exam

The SC-100 Microsoft Cybersecurity Architect exam is aimed towards candidates who have a wide range of knowledge in different areas of Microsoft Security and are able to design and implement security solutions. You will also be expected to be familiar with both hybrid and cloud-only environments and implementations. The exam is an expert level exam so it is not deemed to be easy. You can read the full exam description on the Microsoft exam page here.

How hard is the SC-100 Exam?

The SC-100 exam is an expert level exam, aimed at those who have extensive experience securing Microsoft Paas, Iaas and hybrid environments. By completing this exam (and 1 pre-requisite exam) you will earn the title of Microsoft Certified: Cybersecurity Architect Expert, so as can you can see, Expert is in the name…

How long should you study for the SC-100 exam?

You should give yourself at least 1 month of solid study for this exam. That is whether you are well experienced in designing Azure security solutions or not. As mentioned above, the exam is deemed quite hard, although in reality the exam does not go into heavy technical detail, you will still need a very good understand of how Azure solutions integrate with security.

Aim for about 1.5 hours of study a day. If you miss any days within the month, carry this into the next month, so you are not missing any study time and only take the exam once you feed confident.

Are there labs in the SC-100 exam?

There are no labs in the SC-100 exam.

How to become a Microsoft Certified: Cybersecurity Architect Expert

Taking the SC-100 Microsoft Cybersecurity Architect exam is not the only requirement to becoming a Microsoft Certified: Cybersecurity Architect Expert. You must also pass one of the pre-requisite exams, of which there are 4 to choose from:

  • Microsoft Certified: Security Operations Analyst Associate
  • Microsoft Certified: Identity and Access Administrator Associate
  • Microsoft Certified: Azure Security Engineer Associate 
  • Microsoft Certified: Security Administrator Associate
The path to certification looks like this:
SC-100 Exam Path

Microsoft Learn Paths and Resources

Microsoft Learn is one of the best places to start when it comes to studying. Microsoft has now released an official learning path for the SC-100 exam, I have complied a collection of Microsoft learn paths specifically for the SC-100 exam and you can find a link to them below along with other resources:

Microsoft Docs: SC-100 Exam Study Guide

Design a Zero Trust strategy and architecture (30–35%)

Build an overall security strategy and architecture

Design a security operations strategy

Design an identity security strategy
Note: includes hybrid and multi-cloud design a strategy for access to cloud resources

Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies (20–25%)

NOT: Information Protection or DLP

Design a regulatory compliance strategy

Evaluate security posture and recommend technical strategies to manage risk

Design security for infrastructure (20–25%)

Design a strategy for securing server and client endpoints

Design a strategy for securing SaaS, PaaS, and IaaS service
Note: includes hybrid and multi-cloud

Design a strategy for data and applications (20–25%)

Specify security requirements for applications

Design a strategy for securing data


Thank you for taking the time to read my SC-100 exam study guide. Hopefully now by the end of this guide you should be well prepared to pass the SC-100 Microsoft Cybersecurity Architect exam. If you have questions please leave them below and I will do my best to respond asap.

Daniel Bradley

My name is Daniel Bradley and I work with Microsoft 365 and Azure as an Engineer and Consultant. I enjoy writing technical content for you and engaging with the community. All opinions are my own.

This Post Has One Comment

  1. Dilip

    Thanks, Really appreciate

Leave a Reply