Back to Bootcamps

SC-100 — Microsoft Certified: Cybersecurity Architect Expert

Bootcamp Certificate Track

Expert Level
€899 + €10/session

Security architecture labs and threat-modeling workshops. Estimated effort: 80–120 hours.

🔗 Official Certification Page

Who This Is For?

  • Security architects and senior engineers
  • Cloud professionals designing enterprise security
  • Compliance and risk leaders

What You'll Achieve

  • End-to-end cybersecurity architecture skills
  • Strong zero-trust and defense-in-depth design capability
  • Confidence designing secure enterprise systems

Full Curriculum Outline (Exam-Aligned)

Comprehensive coverage of all exam objectives with hands-on practice

Bootcamp Curriculum

6-week intensive program with hands-on security labs and real-world architecture projects

Week 1 — Security Strategy, Zero Trust & Resiliency

Skills Area: Security best practices and priorities (20–25%)

What You'll Learn

  • Design a security strategy that supports business resiliency goals
  • Identify and prioritize threats to business-critical assets
  • Design ransomware resiliency strategies: Secure backup and restore, Privileged access prioritization
  • Design BCDR solutions for hybrid and multicloud environments
  • Evaluate security update strategies
  • Design solutions aligned with MCRA, MCSB
  • Design Zero Trust architectures: Zero Trust Rapid Modernization Plan (RaMP)
  • Align security with Microsoft Cloud Adoption Framework (CAF) and Azure Well-Architected Framework (WAF)
  • Design security governance using Azure landing zones
  • Design DevSecOps processes aligned with CAF best practices

Hands-On Labs

  • Design a Zero Trust enterprise reference architecture
  • Build a ransomware resiliency and BCDR strategy
  • Map security controls to CAF and WAF
  • Design a secure Azure landing zone security model

Week 2 — Security Operations, SIEM, SOAR & Threat Coverage

Skills Area: Security operations capabilities (part of 25–30%)

What You'll Learn

  • Design detection and response solutions using Microsoft Defender XDR and SIEM (Microsoft Sentinel)
  • Design centralized logging and auditing: Microsoft Purview Audit
  • Design monitoring for hybrid and multicloud environments
  • Design SOAR solutions using Sentinel
  • Design and evaluate incident response workflows, threat hunting workflows, and incident management processes
  • Evaluate threat detection coverage using MITRE ATT&CK: Enterprise, Cloud, Mobile, ICS

Hands-On Labs

  • Design an enterprise SOC architecture
  • Map detection coverage to MITRE ATT&CK matrices
  • Design Sentinel-based SOAR playbooks
  • Build centralized logging and audit architecture

Week 3 — Identity, Access & Privileged Security

Skills Area: Identity and privileged access (part of 25–30%)

What You'll Learn

  • Design access solutions for SaaS, PaaS, IaaS, and hybrid/multicloud environments
  • Design Microsoft Entra ID architectures: Hybrid identity, Multicloud identity
  • Design solutions for External identities (B2B) and Decentralized identity
  • Design modern authentication and authorization: Conditional Access, Continuous Access Evaluation, Risk scoring
  • Validate Conditional Access alignment with Zero Trust
  • Specify requirements to harden AD DS
  • Design secrets, keys, and certificate management solutions
  • Design privileged access strategies: Enterprise access model, Entra PIM, Entitlement management, Access reviews
  • Design Privileged Access Workstations (PAW)
  • Design cloud infrastructure entitlement management

Hands-On Labs

  • Design a Zero Trust identity architecture
  • Implement privileged access governance with Entra PIM
  • Design Conditional Access policies aligned to Zero Trust
  • Design PAW and secure admin access model

Week 4 — Compliance, Privacy & Governance

Skills Area: Regulatory compliance (part of 25–30%)

What You'll Learn

  • Translate regulatory requirements into security controls
  • Design compliance solutions using Microsoft Purview and Microsoft Priva
  • Design Azure Policy strategies for security and compliance
  • Evaluate regulatory alignment using Microsoft Defender for Cloud
  • Design compliance monitoring and validation strategies

Hands-On Labs

  • Map compliance requirements to Azure Policy controls
  • Design a Purview-based compliance architecture
  • Implement Defender for Cloud compliance assessments
  • Design privacy controls using Microsoft Priva

Week 5 — Infrastructure, Network & Endpoint Security

Skills Area: Infrastructure security (25–30%)

What You'll Learn

  • Design security posture management for hybrid and multicloud: Defender for Cloud, Secure Score
  • Design integrated posture management solutions
  • Design workload protection strategies
  • Design Azure Arc security integration
  • Design External Attack Surface Management (Defender EASM)
  • Define posture management processes using Security Exposure Management and Attack paths
  • Specify security requirements for Servers, Clients, Mobile devices, IoT and OT/ICS
  • Evaluate Windows LAPS
  • Design security baselines for SaaS, PaaS, IaaS
  • Design network security and SSE solutions: Entra Internet Access, Entra Private Access

Hands-On Labs

  • Design hybrid and multicloud posture management architecture
  • Implement Defender for Cloud workload protection model
  • Design network security with SSE and Zero Trust access
  • Design OT / IoT security architecture

Week 6 — Application & Data Security + Capstone

Skills Area: Applications and data security (20–25%)

What You'll Learn

  • Evaluate Microsoft 365 security posture using Secure Score
  • Design security using Defender for Office 365 and Defender for Cloud Apps
  • Design device management using Intune
  • Design data security using Microsoft Purview
  • Evaluate Copilot for Microsoft 365 security controls
  • Design application security: Threat modeling, Secure SDLC, Workload identity, API security, Azure WAF
  • Design data security solutions: Data discovery and classification, Encryption (at rest/in transit), Key Vault
  • Design security for Azure SQL, Synapse, Cosmos DB, Azure Storage
  • Design Defender for Storage and Defender for Databases

Hands-On Labs

  • Design a secure Microsoft 365 architecture
  • Perform threat modeling for critical applications
  • Design API and workload identity security
  • Design data protection architecture for Azure workloads

Capstone Project

  • Design a full enterprise cybersecurity architecture covering Zero Trust, Identity, SOC & SIEM, Infrastructure, Applications, and Data
  • Architecture review and defense session with instructor

Certification Outcome

By completing this bootcamp, learners will be able to:

  • Design enterprise-grade cybersecurity architectures
  • Align security strategy with business risk
  • Confidently sit the SC-100 certification exam
  • Operate at Cybersecurity Architect level

Need a Custom Learning Path?

If you are new to cloud or security, we recommend starting with Cloud Foundation — Live Bootcamp before SC-100.

You can book a free consultation to receive a personalized learning curriculum.

Book a Free ConsultationExplore Cloud FoundationView Security Tracks

Begin Your Security Architecture Journey

This comprehensive bootcamp takes you from security fundamentals to expert-level architecture design with zero-trust principles.

Start Your Security JourneyView All Bootcamps