MCE Microsoft Certified Expert Cybersecurity Architect Study Guide

Book description

Prep for the SC-100 exam like a pro with Sybex’s latest Study Guide

In the MCE Microsoft Certified Expert Cybersecurity Architect Study Guide: Exam SC-100, a team of dedicated software architects delivers an authoritative and easy-to-follow guide to preparing for the SC-100 Cybersecurity Architect certification exam offered by Microsoft. In the book, you’ll find comprehensive coverage of the objectives tested by the exam, including the evaluation of Governance, Risk, and Compliance technical and security operations strategies, the design of Zero Trust strategies and architectures, and data and application strategy design.

With the information provided by the authors, you’ll be prepared for your first day in a new role as a cybersecurity architect, gaining practical, hands-on skills with modern Azure deployments. You’ll also find:

  • In-depth discussions of every single objective covered by the SC-100 exam and, by extension, the skills necessary to succeed as a Microsoft cybersecurity architect
  • Critical information to help you obtain a widely sought-after credential that is increasingly popular across the industry (especially in government roles)
  • Valuable online study tools, including hundreds of bonus practice exam questions, electronic flashcards, and a searchable glossary of crucial technical terms

An essential roadmap to the SC-100 exam and a new career in cybersecurity architecture on the Microsoft Azure cloud platform, MCE Microsoft Certified Expert Cybersecurity Architect Study Guide: Exam SC-100 is also ideal for anyone seeking to improve their knowledge and understanding of cloud-based management and security.

Table of contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Dedication
  5. Acknowledgments
  6. About the Authors
    1. About the Technical Editor
  7. Introduction
    1. What Is Azure?
    2. About the SC-100 Certification Exam
    3. Why Become a Certified Microsoft Azure Cybersecurity Architect?
    4. Preparing to Become a Certified Microsoft Cybersecurity Architect
    5. How to Become a Certified Microsoft Cybersecurity Architect
    6. Who Should Buy This Book
    7. How This Book Is Organized
    8. Bonus Digital Contents
    9. Conventions Used in This Book
    10. Using This Book
    11. SC-100 Exam Objectives
    12. How to Contact the Publisher
    13. Assessment Test
    14. Answers to Assessment Test
  8. Chapter 1: Define and Implement an Overall Security Strategy and Architecture
    1. Basics of Cloud Computing
    2. Introduction to Cybersecurity
    3. Cybersecurity Domains
    4. Getting Started with Zero Trust
    5. Design Integration Points in an Architecture
    6. Design Security Needs to Be Based on Business Goals
    7. Decode Security Requirements to Technical Abilities
    8. Design Security for a Resiliency Approach
    9. Identify the Security Risks Associated with Hybrid and Multi-Tenant Environments
    10. Plan Traffic Filtering and Segmentation Technical and Governance Strategies
    11. Summary
    12. Exam Essentials
    13. Review Questions
  9. Chapter 2: Define a Security Operations Strategy
    1. Foundation of Security Operations and Strategy
    2. Design a Logging and Auditing Strategy to Support Security Operations
    3. Develop Security Operations to Support a Hybrid or Multi-Cloud Environment
    4. Design a Strategy for SIEM and SOAR
    5. Evaluate Security Workflows
    6. Evaluate a Security Operations Strategy for the Incident Management Life Cycle
    7. Evaluate a Security Operations Strategy for Sharing Technical Threat Intelligence
    8. Summary
    9. Exam Essentials
    10. Review Questions
  10. Chapter 3: Define an Identity Security Strategy
    1. Design a Strategy for Access to Cloud Resources
    2. Recommend an Identity Store (Tenants, B2B, B2C, Hybrid)
    3. Recommend an Authentication and Authorization Strategy
    4. Design a Strategy for Conditional Access
    5. Design a Strategy for Role Assignment and Delegation
    6. Design a Security Strategy for Privileged Role Access to Infrastructure Including Identity-Based Firewall Rules and Azure PIM
    7. Design a Security Strategy for Privileged Activities Including PAM, Entitlement Management, and Cloud Tenant Administration
    8. Summary
    9. Exam Essentials
    10. Review Questions
  11. Chapter 4: Identify a Regulatory Compliance Strategy
    1. Interpret Compliance Requirements and Translate into Specific Technical Capabilities
    2. Evaluate Infrastructure Compliance by Using Microsoft Defender for Cloud
    3. Interpret Compliance Scores and Recommend Actions to Resolve Issues or Improve Security
    4. Design and Validate Implementation of Azure Policy
    5. Design for Data Residency Requirements
    6. Translate Privacy Requirements into Requirements for Security Solutions
    7. Summary
    8. Exam Essentials
    9. Review Questions
  12. Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
    1. Analyze Security Posture by Using Azure Security Benchmark
    2. Analyze Security Posture by Using Microsoft Defender for Cloud
    3. Assess the Security Hygiene of Cloud Workloads
    4. Evaluate the Security Posture of Cloud Workloads
    5. Design Security for an Azure Landing Zone
    6. Evaluate Security Postures by Using Secure Scores
    7. Identify Technical Threats and Recommend Mitigation Measures
    8. Recommend Security Capabilities or Controls to Mitigate Identified Risks
    9. Summary
    10. Exam Essentials
    11. Review Questions
  13. Chapter 6: Define a Strategy for Securing Infrastructure
    1. Plan and Deploy a Security Strategy Across Teams
    2. Deploy a Process for Proactive and Continuous Evolution of a Security Strategy
    3. Specify Security Baselines for Server and Client Endpoints
    4. Specify Security Baselines for the Server, Including Multiple Platforms and Operating Systems
    5. Specify Security Requirements for Mobile Devices and Clients, Including Endpoint Protection, Hardening, and Configuration
    6. Specify Requirements for Securing Active Directory Domain Services
    7. Design a Strategy to Manage Secrets, Keys, and Certificates
    8. Design a Strategy for Secure Remote Access
    9. Design a Strategy for Securing Privileged Access
    10. Summary
    11. Exam Essentials
    12. Review Questions
  14. Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
    1. Establish Security Baselines for SaaS, PaaS, and IaaS Services
    2. Establish Security Requirements for IoT Workloads
    3. Establish Security Requirements for Data Workloads, Including SQL Server, Azure SQL, Azure Synapse, and Azure Cosmos DB
    4. Define the Security Requirements for Web Workloads
    5. Determine the Security Requirements for Storage Workloads
    6. Define Container Security Requirements
    7. Define Container Orchestration Security Requirements
    8. Summary
    9. Exam Essentials
    10. Review Questions
  15. Chapter 8: Define a Strategy and Requirements for Applications and Data
    1. Knowing the Application Threat Intelligence Model
    2. Specify Priorities for Mitigating Threats to Applications
    3. Specify a Security Standard for Onboarding a New Application
    4. Specify a Security Strategy for Applications and APIs
    5. Specify Priorities for Mitigating Threats to Data
    6. Design a Strategy to Identify and Protect Sensitive Data
    7. Specify an Encryption Standard for Data at Rest and in Motion
    8. Summary
    9. Exam Essentials
    10. Review Questions
  16. Chapter 9: Recommend Security Best Practices and Priorities
    1. Recommend Best Practices for Cybersecurity Capabilities and Controls
    2. Recommend Best Practices for Protecting from Insider and External Attacks
    3. Recommend Best Practices for Zero Trust Security
    4. Recommend Best Practices for Zero Trust Rapid Modernization Plan
    5. Recommend a DevSecOps Process
    6. Recommend a Methodology for Asset Protection
    7. Recommend Strategies for Managing and Minimizing Risk
    8. Plan for Ransomware Protection and Extortion-Based Attacks
    9. Protect Assets from Ransomware Attacks
    10. Recommend Microsoft Ransomware Best Practices
    11. Summary
    12. Exam Essentials
    13. Review Questions
  17. Appendix: Answers to Review Questions
    1. Chapter 1: Define and Implement an Overall Security Strategy and Architecture
    2. Chapter 2: Define a Security Operations Strategy
    3. Chapter 3: Define an Identity Security Strategy
    4. Chapter 4: Identify a Regulatory Compliance Strategy
    5. Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
    6. Chapter 6: Define a Strategy for Securing Infrastructure
    7. Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
    8. Chapter 8: Define a Strategy and Requirements for Applications and Data
    9. Chapter 9: Recommend Security Best Practices and Priorities
  18. Index
  19. End User License Agreement

Product information

  • Title: MCE Microsoft Certified Expert Cybersecurity Architect Study Guide
  • Author(s): Kathiravan Udayakumar, Puthiyavan Udayakumar
  • Release date: May 2023
  • Publisher(s): Sybex
  • ISBN: 9781394180219