Michael Brookes’ Microsoft SC-100 – The Just Good Enough Guarantee

Michael Brookes’ Microsoft SC-100 – The Just Good Enough Guarantee, is my personal journey to secure the Microsoft SC-100 exam “Cyber Security Architect Expert” credential, after a somewhat foolhardy statement on LinkedIn seeking colleagues to join me and pass their certification as well by the end of July 2022.

There is of course no “Just Good Enough”, study hard, work harder and pass with a 900+ result

The following is my personal experience, so that anyone else studying for this certification “Cyber Security Architect – Expert” can find the resources they need to help them.

As I have already explained, I sat and passed the SC-100 exam, in total I spent around 20 hours to prepare and found the SC-100 exam to be challenging with 20 hours of prep work, my background though is not Microsoft Security and at this time (July 2022) I am 7 months into a Microsoft Security consulting role.

If I had spent another 10-15 hours studying the Azure/M365 technologies that are covered with this certification, it is most likely that I would have secured a 900 or above pass mark, if this is your measure of success then add more hours to your study cram expectations and aim for the 35 hours that Microsoft recommends.

Microsoft SC-100 pre-requisites

The SC-100 exam has a prerequisite requirement else you could not possibly be considered an expert – sarcasm as anyone in cyber security knows there are no experts, cyber security professionals are just good listeners and thinkers – like Lego creators.

To achieve the prerequisite I sat and passed the MS-500 with 8 hours of study prep (which I will detail in a future blog post) also known as the “Microsoft 365 Certified” Security Administrator Associate” to gain the full credit for SC-100.

Microsofts full exam prep is here and it provides a great starting point but is not detailed enough in my experience to provide a passing exam result.

SC-100 focus areas

Sc-100 is hard, especially hard if you like me do not have a lot of Azure Networking experience. The following bullet points are where I recommend you spend a lot of your time while studying for your own Microsoft “Cyber Security Architect” Expert certification.

• Spend A LOT of time learning about azure networking, VNets, Network Security Groups, Front door, Azure application gateway, service endpoints, private endpoints.
• There will be many questions on Azure networking
• Express route, Peering, azure traffic manager, Front door again.
• You already know this…. Password hash sync is required for Credential breach detection.
• Learn the Azure product names
• Learn about Defender for Cloud and when it is utilised
• Learn about conditional access policies, not just what is available through Azure AD, also Defender for Cloud apps and protection of data leaving the organisation 
• Endpoint protection will be covered so understand that MẮM does not need a intune managed device. MẮM and MDM work separately.
• There will be scenarios where you will need to identify the best solution for external users to access corporate systems so learn a little bit about xyz
• Reiterate the above: is it Azure Firewall, Application Gateway, Network security groups that will protect my apps.
• Network layers will come up a little, remember the difference between Lvl3 MAC, Lvl4 TCP/UDP and lvl7 application – knowing this influences the best decision for a few network security questions.
• compliance manager where do you configure roles for compliance users

Question: When is the respective Azure technology the best choice for a business, is it the best technology for doing x or is y a better option, for example: a global business with a global network and applications, is Front door or Azure Application Gateway the preferable choice?

Hint: Front Door as a global CDN is probably the better choice when global reach and global apps are accessed.

SC-100 study guides

1. As always start with a John Savill Youtube video, John Savill is the best study resource I have found for first impressions of a certification as well as what technologies will need to be understood. Unlike with Johns AZ-900, SC-90 and MS-900 Johns video alone did not provide the required knowledge for me to be confident or competent for the exam. Your mileage may vary but in my case I had to study in significantly more depth.

2. Follow the Polish user group talk through the technologies as well, their videos are not as polished as John Savill but they do have the details required:

Part 1: https://www.youtube.com/watch?v=3B-x4s4Nr8A

These videos are not as well explained as John Savill but that the time I sat my SC-100 there is not a lot of alternative information available so watch them and research the technologies they uncover.

Part 2: SC-100 – Design an identity security strategy

Part 3: SC-100 – Design a security operations strategy

Part 4: SC-100 – Build an overall security strategy and architecture

With each of these videos, I wrote and diagrammed everything that was discussed, where possible I used my M365 E5 demo tenant to configure and mirror what the instructor was describing as that is the way I learn best.

Summary: Microsoft SC-100 exam summary

I successfully passed whilst maintaining a bit of a buffer as well! but the exam prep did not fully prepare me for the questions that were asked.

One well known exam prep site with the Sc-100 exam, which I will not mention the name of ….. had exam questions with completely wrong answers! so be very careful of these exam preparation sites.

Be careful if using these sites as there is no recourse on them for providing the wrong answers and reviewing using an exam prep site with the wrong answers will put you back in your studying and possibly cost you a failed exam. The way in which I would use an exam prep, is to research the questions that you do not know the answer too and answer that way – thus creating the memory association between the technology and question.

There’s an old joke which says that the definition of ‘expert’ is derived from ‘ex’ – meaning a has been, and ‘spurt’ – meaning a drip under pressure.

Michael Brookes’ Microsoft SC-100 – The “Just Good Enough” Guarantee is not a guarantee of passing, much as I would like it to be. I wish you success with your SC-100 exam and your new expert status.

As always reach out to me here if I can assist you in any way.