Microsoft 365 Security Architecture
Master Microsoft 365 Security Architecture
Design, justify, implement, and defend a comprehensive Zero Trust security architecture for Microsoft 365 that protects every user, device, app, and data; across Entra ID, Defender XDR, Purview, Intune, and hybrid environments. Turn complex M365 security controls into a resilient, measurable security posture that executives understand and attackers cannot bypass.
What you'll be able to do
Course overview
The Microsoft 365 Security Architecture course is built specifically for Security Architects, Engineers, and Administrators who design, justify, implement, and defend M365 security posture. You'll gain hands-on expertise to:
By the end, you'll have the strategic and technical mastery to own your organisation's Microsoft 365 security architecture, confidently defending it against modern threats while aligning security outcomes with business goals.
Who this course is for
You're a Security Architect, Security Engineer, or Microsoft 365 Administrator responsible for designing, justifying, implementing, and defending your organisation's Microsoft 365 security posture. This course is built for you if you want to:
In short: if you're ready to own and defend a modern Microsoft 365 security architecture that actually works against today's threats, this course is for you.
What you'll learn
By the end of this Microsoft 365 Security Architecture course you will be able to:
Key course takeaways
Things you need to know
What are the prerequisites for this course?
There are no prerequisites. The course teaches M365 security architecture from first principles. Familiarity with the Microsoft 365 admin center and Entra ID will help you move faster through the early modules, but neither is required. Every concept is explained at first use.
What are the device requirements?
A device with a modern browser. Access to a Microsoft 365 E5 developer tenant (free from Microsoft) and an Azure subscription for Sentinel workspace deployment. The course walks you through tenant and workspace setup in Module 0.
How will the course benefit your career?
Security architecture is one of the most in-demand disciplines in cybersecurity. Organisations need people who can design integrated security systems across the M365 stack, not just configure individual products. This course gives you the skills to architect Zero Trust infrastructure, document decisions with ADRs, and present security investments to executives.
The demand for security architects who can bridge technical implementation and business justification continues to grow as organisations move from product-by-product configuration to integrated security architecture.
Usage rights and disclaimer
Course materials: Licensed for individual professional development. You may deploy configurations, detection rules, scripts, and policies in your production environment. You may not redistribute course content or share account credentials.
Architecture configurations: All PowerShell commands, Graph API queries, Conditional Access policies, PIM configurations, and Purview policies are provided as-is. Test every configuration in report-only or simulation mode before enforcement. Ridgeline Cyber Defence is not responsible for operational impact from deployed configurations.
Fictional environment: All scenarios use Northgate Engineering. Any resemblance to real organizations is coincidental.
Version and changelog
Current version: 1.0 | Last updated: June 2026
June 2026, v1.0: Course page restructured. 15 modules across 4 layers. Complete M365 security architecture from identity foundations through detection, XDR operations, and capstone assembly. 30+ ADRs, decision matrices, risk register, executive summary.
This course is actively maintained. Architecture patterns are updated as Microsoft capabilities evolve.
End of Course Exam
Complete the course, then prove your skills under time pressure. Pass mark: 70. Earn your certificate with CPE credits.
Requires 80% course completion. One random scenario per attempt. Certificate issued on pass.