- What is the SC-100 exam?
- Exam SC-100: Microsoft Cybersecurity Architect is the capstone exam for the Microsoft Certified: Cybersecurity Architect Expert certification, Microsoft's highest security credential. It tests designing security strategy and architecture across identity, security operations, infrastructure, applications and data, including hybrid and multicloud environments. A score of 700 or greater is required to pass, and the study guide is published on Microsoft Learn. Searching for the California small claims form with the same name? Different SC-100 entirely.
- What are the SC-100 prerequisites?
- No exam blocks you from sitting SC-100 itself. But the Cybersecurity Architect Expert certification only issues once you also hold at least one of: Microsoft Certified: Azure Security Engineer Associate (AZ-500), Identity and Access Administrator Associate (SC-300), or Security Operations Analyst Associate (SC-200). Passing SC-100 first and the associate second works too; the credential issues when both are in place. Note that the AZ-500 exam retires August 31, 2026, so candidates planning that route should book before the retirement date.
- How hard is the SC-100 exam?
- It is an expert-level design exam, and its difficulty is different in kind from the associate exams below it. The outline's 98 uses of Design, Evaluate and Specify translate into scenario questions with several defensible answers, where the right one aligns with a named framework like MCRA, MCSB or the Zero Trust adoption framework. Candidates who prepared by memorizing service features consistently report being surprised by the altitude.
- What is on the SC-100 exam?
- Four domains: design solutions that align with security best practices and priorities (20 to 25 percent), design security operations, identity, and compliance capabilities (25 to 30 percent), design security solutions for infrastructure (25 to 30 percent), and design security solutions for applications and data (20 to 25 percent). The April 2026 outline names MCRA, MCSB, Zero Trust, CAF, Azure landing zones, MITRE ATT&CK, Microsoft Entra Agent ID, Security Exposure Management, Entra Internet Access and Entra Private Access verbatim.
- Is SC-100 changing or retiring in 2026?
- No retirement date is published for SC-100. The current outline took effect in April 2026, and the official change log grades six objective groups Minor, including identity and access management (where Entra Agent ID arrived) and posture management, with everything else No change and nothing Major. The four domains and their weights are unchanged from the prior version.
- How many questions are on the SC-100 exam?
- Microsoft does not publish an official question count for SC-100. It does publish a passing score of 700, and a free official practice assessment is available on Microsoft Learn. Treat any site quoting an exact question count as unofficial, and confirm details on the exam page when you schedule.
- Is the SC-100 certification worth it?
- For security engineers moving toward architecture, yes. Cybersecurity Architect Expert is Microsoft's top security credential, the design-level judgment it validates is exactly what separates senior and staff roles from implementation roles in US security teams, and the certification renews free every 12 months with an online renewal assessment. It also forces breadth: identity, SecOps, infrastructure and data people all leave with their blind spots patched.
PDFQuiz is not affiliated with, endorsed by, or sponsored by Microsoft. Microsoft Entra, Microsoft Defender, Microsoft Sentinel, Microsoft Purview and Azure are trademarks of Microsoft Corporation. MITRE ATT&CK is a trademark of The MITRE Corporation. This generator builds practice questions from material you upload and is a study aid, not a substitute for official learning paths. Always confirm the current skills-measured document before you book.