Jul 07 2022 05:25 AM
Dear Microsoft 365 Security and Azure Security Friends,
When I first read about this certification I was immediately excited! But at the same time I had a lot of respect, because it is an expert certification. I quickly started collecting information. The first thing I learned was that it takes a so-called prerequisite exam to become a Microsoft Certified: Cybersecurity Architect Expert certification. The following prerequisite exams are available (only one of these exams must be passed):
Microsoft Certified: Security Operations Analyst Associate (SC-200)
https://docs.microsoft.com/en-us/learn/certifications/security-operations-analyst/
Microsoft Certified: Identity and Access Administrator Associate (SC-300)
https://docs.microsoft.com/en-us/learn/certifications/identity-and-access-administrator/
Microsoft Certified: Azure Security Engineer Associate (AZ-500)
https://docs.microsoft.com/en-us/learn/certifications/azure-security-engineer/
Microsoft 365 Certified: Security Administrator Associate (MS-500)
https://docs.microsoft.com/en-us/learn/certifications/m365-security-administrator/
I have taken all these prerequisite exams. The two exams AZ-500 and MS-500 helped me the most in preparing for the SC-100 (this is certainly not the case for everyone). In this SC-100 exam you will be quizzed on topics in Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender for Cloud Apps (and all other Defender products), Azure Policy, Azure landing zone, etc. This spectrum is huge, please take enough time to "explore" these "portals" deeply. You don't have to have the technical knowledge down to the last detail. No not at all, in this exam it is important to use all the features and products with the right strategy. This was among other things my way to success!
Now to my preparations for the exam:
1. First of all, I looked at the Exam Topics to get a first impression of the scope of topics.
https://docs.microsoft.com/en-us/learn/certifications/cybersecurity-architect-expert/
Please take a close look at the skills assessed:
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWVbXN
2. So that I can prepare for an exam I need an Azure test environment (this is indispensable for me). You can sign up for a free trial here.
https://azure.microsoft.com/en-us/free/
Next, I set up a Microsoft 365 test environment. You can sign up for a free trial here.
https://www.microsoft.com/en-us/microsoft-365/business/compare-all-microsoft-365-business-products
I chose the "Microsoft 365 Business Premium" plan for my testing. I have also registered several free trials to test the various Defender products.
3. Now it goes to the Microsoft Learn content. These learn paths (as you can see below, all 4) I have worked through completely and "mapped"/reconfigured as much as possible in my test environment.
https://docs.microsoft.com/en-us/learn/paths/sc-100-design-zero-trust-strategy-architecture/
https://docs.microsoft.com/en-us/learn/paths/sc-100-evaluate-governance-risk-compliance/
https://docs.microsoft.com/en-us/learn/paths/sc-100-design-security-for-infrastructure/
https://docs.microsoft.com/en-us/learn/paths/sc-100-design-strategy-for-data-applications/
4. Register for the exam early. This creates some pressure and you stay motivated.
https://docs.microsoft.com/en-us/learn/certifications/cybersecurity-architect-expert/
5. Please also watch the video of John Savill, it is very helpful!
6. The Exam Ref for the SC-200 exam was also very supportive.
7. Further I have summarized various links that have also helped me a lot. Sorted by Functional Group.
Design a Zero Trust strategy and architecture:
https://docs.microsoft.com/en-us/security/cybersecurity-reference-architecture/mcra
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/secure/security-governance
https://docs.microsoft.com/en-us/azure/architecture/framework/security/monitor-audit
https://docs.microsoft.com/en-us/security/benchmark/azure/security-control-logging-monitoring
https://docs.microsoft.com/en-us/azure/security/fundamentals/log-audit
https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-network-connectivity
https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-network-segmentation
https://docs.microsoft.com/en-us/security/zero-trust/deploy/infrastructure
https://docs.microsoft.com/en-us/security/zero-trust/integrate/infrastructure
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/strategy/define-security-strategy
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/secure/business-resilience
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/strategy/technical-considerations/
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/organize/
https://docs.microsoft.com/en-us/azure/security/fundamentals/operational-checklist
https://azure.microsoft.com/en-us/services/defender-for-cloud/#features
https://docs.microsoft.com/en-us/azure/sentinel/overview
https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation
https://docs.microsoft.com/en-us/security/compass/incident-response-overview
https://docs.microsoft.com/en-us/security/compass/incident-response-planning
https://docs.microsoft.com/en-us/security/compass/incident-response-process
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/secure/security-operations
https://docs.microsoft.com/en-us/security/compass/security-operations
https://docs.microsoft.com/en-us/azure/security/fundamentals/identity-management-best-practices
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-identity-authorization
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/plan-conditional-access
https://docs.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-zero-trust
https://docs.microsoft.com/en-us/azure/active-directory/roles/best-practices
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-delegate
https://docs.microsoft.com/en-us/azure/active-directory/roles/groups-concept
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
https://docs.microsoft.com/en-us/security/compass/identity
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-delegate
https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/principles-of-operation
https://docs.microsoft.com/en-us/azure/active-directory/roles/security-planning
Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies:
https://docs.microsoft.com/en-us/azure/security/fundamentals/technical-capabilities
https://docs.microsoft.com/en-us/security/compass/governance
https://docs.microsoft.com/en-us/azure/defender-for-cloud/regulatory-compliance-dashboard
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager?view=o365-worldwide
https://docs.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls
https://docs.microsoft.com/en-us/azure/governance/policy/overview
https://docs.microsoft.com/en-us/azure/governance/policy/tutorials/create-and-manage
https://azure.microsoft.com/en-us/global-infrastructure/data-residency/
https://azure.microsoft.com/en-us/overview/trusted-cloud/privacy/
https://docs.microsoft.com/en-us/security/benchmark/azure/introduction
https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages
https://docs.microsoft.com/en-us/azure/defender-for-cloud/regulatory-compliance-dashboard
https://docs.microsoft.com/en-us/azure/defender-for-cloud/secure-score-access-and-track
https://docs.microsoft.com/en-us/azure/defender-for-cloud/enhanced-security-features-overview
Design security for infrastructure:
https://docs.microsoft.com/en-us/windows-server/security/security-and-assurance
https://docs.microsoft.com/en-us/mem/intune/protect/security-baselines
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/secure-your-domain
https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates
https://docs.microsoft.com/en-us/azure/security/fundamentals/management
https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/cloud-services-security-baseline
https://azure.microsoft.com/en-us/overview/iot/security/
https://docs.microsoft.com/en-us/azure/azure-sql/database/security-overview?view=azuresql
https://docs.microsoft.com/en-us/azure/azure-sql/database/security-best-practice?view=azuresql
https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/sql-database-security-baseline
https://docs.microsoft.com/en-us/azure/cosmos-db/database-security?tabs=sql-api
https://docs.microsoft.com/en-us/azure/app-service/overview-security
https://docs.microsoft.com/en-us/azure/app-service/security-recommendations
https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/app-service-security-baseline
https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/storage-security-baseline
https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/aks-security-baseline
https://docs.microsoft.com/en-us/azure/aks/concepts-security
https://docs.microsoft.com/en-us/azure/aks/operator-best-practices-cluster-security?tabs=azure-cli
Design a strategy for data and applications:
https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-mitigations
https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-threat-model
https://docs.microsoft.com/en-us/compliance/assurance/assurance-security-development-and-operation
https://docs.microsoft.com/en-us/azure/security/develop/secure-design
https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-app-service-introduction
https://docs.microsoft.com/en-us/azure/architecture/framework/security/resilience
https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-governance-strategy
https://docs.microsoft.com/en-us/azure/architecture/data-guide/scenarios/securing-data-solutions
https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-storage
https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-data-protection
https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
https://docs.microsoft.com/en-us/azure/security/fundamentals/data-encryption-best-practices
https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-atrest
https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-storage-encryption
8. You can find a list of all the links here:
https://github.com/tomwechsler/Microsoft_Cloud_Security/blob/main/SC-100/Links.md
I know you've probably read and heard this many times: read the exam questions slowly and accurately. Well, that was the key to success for me. It's the details that make the difference between success and failure. Let me give you an example at this point. You want to make a business app available. The authentication should be done by each person with his own LinkedIn account. Which variant of Azure Active Directory do you use for this? At this point you should know the different types of Azure Active Directory.
One final tip: When you have learned something new, try to explain what you have learned to another person (whether or not they know your subject). If you can explain it in your own words, you understand the subject. That is exactly how I do it, except that I do not explain it to another person, but record a video for YouTube!
I hope this information helps you and that you successfully pass the exam. I wish you success!
Kind regards, Tom Wechsler
P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler
Jul 11 2022 08:35 AM
Jul 11 2022 08:59 AM
Jul 11 2022 09:38 AM
Jul 11 2022 09:55 AM
Jul 11 2022 10:04 PM
Jul 11 2022 10:04 PM