Resources to help study for the SC-100 Exam… with a hint of IAC!

Recently I took and passed the SC-100 Exam, which, if you also hold the required prerequisites (SC-200, SC-300, or AZ-500), gains you Microsoft Certified Cybersecurity Architect. I found the exam fairly challenging – and must admit this was one of broadest Microsoft exams I’ve taken, which is to be expected really with this level of exam. As always, after passing an exam, I like to write up a post on the materials that I used to study for the exam, in the hope that my experience and learning material will be useful for others.

It wouldn’t be a blog post from me without a hint of Infrastructure as Code too… more on that later!


Resources


What about Infrastructure as Code (IAC)?

It really wouldn’t be a blog post from myself without some reference to Infrastructure as Code (IAC), and this exam, my learning for it, and the technologies within are no exception – IAC still has a very relevant place in the Microsoft Security Ecosystem!

I usually try and spend some time utilising IAC when learning new areas, because this is the primary method I’ll be using to apply those technologies moving forward. For example – learning something in the Azure Portal is great for me the first few times, but after this I like to try and develop repeatable methods for deployment. This, I find, speeds up my learning and development – and makes the whole process of using labs and test environments much more cost and time effective.

In my own development and learning, I found the use of IAC was most appropriate when configuring and securing Infrastructure Resources – for example when adhering to security baselines or standards. In particular, areas like Storage Accounts, Private Endpoints, and Network Security are easily configurable to a highly secure standard when using Terraform and the AzureRM provider, for example.

During my own learning for this exam, I spent some time working with the following Resources – specifically focusing on some of the infrastructure security aspects and elements, based on the learning objectives of the exam:

In the title of this post I said it would only be a hint of IAC – so that’s all for now!


Conclusion

✅ As always, real experience and using your own Lab environment was hugely helpful for this exam – I found creating some of the scenarios outlined in the Learn Modules in my own lab helped massively. I’d also recommend spending time running through the Microsoft Learn Practice Questions, these give a great idea of the type and style of question you can expect on the exam. Good luck!

Skip to content