Use the code ‘FIREBRAND15’ at checkout for 15% off this month only!
15% Discount AvailableUse the code ‘FIREBRAND15’ at checkout
Microsoft Certified: Cybersecurity Architect Expert (SC-100 & SC-200)
Code: mscae

What you'll learn
On this accelerated 6-day Microsoft Cybersecurity Architect Expert course, as you prepare for the SC-200: Microsoft Certified: Security Operations Analyst Associate exam, you'll learn to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender XDR and Microsoft Defender for Cloud.
On this course, you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilise Kusto Query Language (KQL) to perform detection, analysis, and reporting.
As you prepare for the SC-100: Microsoft Cybersecurity Architect exam, you'll learn to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS).
As a Microsoft Cloud Partner, and through Firebrand's Lecture | Lab | Review methodology, you'll access Microsoft Official Curriculum (MOCs) and learn from Microsoft Certified Trainers (MCTs) in a distraction-free environment.
To achieve the Microsoft Certified: Cybersecurity Architect Expert certification, you need to pass Exam SC-100 as well as one of the following:
- Microsoft Certified: Security Operations Analyst Associate (Exam SC-200)
- Microsoft Certified: Identity and Access Administrator Associate (Exam SC-300)
- Microsoft Certified Azure Security Engineer Associate (Exam AZ-500)
Both exam SC-100 and exam SC-200, SC-300, or AZ-500 are prerequisites to becoming a Microsoft Certified: Cybersecurity Architect Expert.
As part of this course, you will sit SC-200: Microsoft Certified: Security Operations Analyst Associate. At the end of this course, you will sit SC-100: Microsoft Certified: Cybersecurity Architect Expert.
After you pass both exams, you'll automatically receive the Microsoft Certified: Cybersecurity Architect Expert certification.
Curriculum
0 modulesSC-200: Microsoft Certified: Security Operations Analyst Associate:
• Module 1: Introduction to Microsoft Defender XDR threat protection
• Module 2: Mitigate incidents using Microsoft Defender XDR
• Module 3: Protect your identities with Entra ID Protection
• Module 4: Remediate risks with Microsoft Defender for Office 365
• Module 5: Safeguard your environment with Microsoft Defender for Identity
• Module 6: Secure your cloud apps and services with Microsoft Defender for Cloud Apps
• Module 7: Fundamentals of Generative AI
• Module 8: Describe Microsoft Copilot for Security
• Module 9: Describe the core features of Microsoft Copilot for Security
• Module 10: Describe the embedded experiences of Microsoft Copilot for Security
• Module 11: Respond to data loss prevention alerts using Microsoft 365
• Module 12: Manage insider risk in Microsoft Purview
• Module 13: Search and investigate with Microsoft Purview Audit
• Module 14: Investigate threats with Content search in Microsoft Purview
• Module 15: Protect against threats with Microsoft Defender for Endpoint
• Module 16: Deploy the Microsoft Defender for Endpoint environment
• Module 17: Implement Windows security enhancements with Microsoft Defender for Endpoint
• Module 18: Perform device investigations in Microsoft Defender for Endpoint
• Module 19: Perform actions on a device using Microsoft Defender for Endpoint
• Module 20: Perform evidence and entities investigations using Microsoft Defender for Endpoint
• Module 21: Configure and manage automation using Microsoft Defender for Endpoint
• Module 22: Configure for alerts and detections in Microsoft Defender for Endpoint
• Module 23: Utilize Vulnerability Management in Microsoft Defender for Endpoint
• Module 24: Plan for cloud workload protections using Microsoft Defender for Cloud
• Module 25: Connect Azure assets to Microsoft Defender for Cloud
• Module 26: Connect non-Azure resources to Microsoft Defender for Cloud
• Module 27: Manage your cloud security posture management
• Module 28: Explain cloud workload protections in Microsoft Defender for Cloud
• Module 29: Remediate security alerts using Microsoft Defender for Cloud
SC-100: Microsoft Certified: Cybersecurity Architect Expert:
• Module 1: Introduction to Zero Trust and best practice frameworks
• Module 2: Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
• Module 3: Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)
• Module 4: Design a resiliency strategy for ransomware and other attacks based on Microsoft Security Best Practices
• Module 5: Case study: Design solutions that align with security best practices and priorities
• Module 6: Design solutions for regulatory compliance
• Module 7: Design solutions for identity and access management
• Module 8: Design solutions for securing privileged access
• Module 9: Design solutions for security operations
• Module 10: Case study: Design security operations, identity and compliance capabilities
• Module 11: Design solutions for securing Microsoft 365
• Module 12: Design solutions for securing applications
• Module 13: Design solutions for securing an organization's data
• Module 14: Case study: Design security solutions for applications and data
• Module 15: Specify requirements for securing SaaS, PaaS, and IaaS services
• Module 16: Design solutions for security posture management in hybrid and multicloud environments
• Module 17: Design solutions for securing server and client endpoints
• Module 18: Design solutions for network security
• Module 19: Case study: Design security solutions for infrastructure
Prerequisites
Before attending this course, delegates must have:
- Advanced experience and knowledge in a wide range of security engineering areas, including identity and access, platform protection, security operations, securing data, and securing applications. They should also have experience with hybrid and cloud implementations.
- Experience implementing or administering solutions in the following areas: identity and access, platform protection, security operations, data and AI security, application security, and hybrid and multicloud infrastructures. You should have expert skills in at least one of those areas, and you should have experience designing security solutions that include Microsoft security technologies.
Exam info
As part of your accelerated course, you'll sit the following exams at the Firebrand Training Centre, covered by your Certification Guarantee:
Exam SC-200: Microsoft Security Operations Analyst
- Languages: English, Japanese, Chinese (Simplified), Korean, French, German, Spanish, Portuguese (Brazil), Chinese (Traditional), Italian
- Domains:
- Manage a security operations environment (20–25%)
- Configure protections and detections (15–20%)
- Manage incident response (25–30%)
- Manage security threats (15–20%)
Exam SC-100: Microsoft Cybersecurity Architect
- Languages: English, Japanese, Chinese (Simplified), Korean, German, French, Spanish, Portuguese (Brazil), Chinese (Traditional), Italian
- Domains:
- Design solutions that align with security best practices and priorities (20–25%)
- Design security operations, identity, and compliance capabilities (25–30%)
- Design security solutions for infrastructure (25–30%)
- Design security solutions for applications and data (20–25%)
Course Dates
Sorry, there are currently no dates available for this course. Please submit an enquiry and one of our team will contact you about potential future dates or alternative options.
FAQs
4 questionYes, we do provide courses suitable for beginners. However, Firebrand's accelerated courses aren't easy and it's essential that you are interested and actively pursuing a career in IT.
Traditional training providers usually run their courses from 9am to 5pm. At Firebrand Training we maximise the number of learning hours to minimise the number of training days, so you’ll be back to your job as quickly as possible. You don’t waste time travelling to several courses and finding an exam centre after that.
Firebrand's accelerated courses are constantly reviewed. We ask our delegates for feedback after every course. We are official partners with leading vendors and therefore, we're provided with certification changes and updates, which we can then implement in our course delivery at a very early stage. This feedback is then analysed in view of changes or discrepancies. We will then address the topics mentioned and have a panel of subject matter experts provide us with valuable suggestions for improvement and solutions.
If you need to learn new skills and you want to be able to put them into practice quickly, then Firebrand is the right training company for you.
Our unique accelerated training method means that we are your fastest way to learn. By delivering training for up to 12 hours per day, seven days per week, with exam centres on-site, we ensure that you are trained and certified quicker than anywhere else, having spent less time out of the office away from the day job.
Can't find the answer you're looking for?
Our expert learning advisors are ready to help. Whether you need course recommendations, have technical queries, or want to discuss your learning goals, we're just a message away.
Related courses
All Microsoft Courses
Train your team
Since 2001 we've trained 134,561 employees from thousands of large and small organisations, saving them more than one million hours in training time.
Learn More