Merge pull request #53598 from ceperezb/CEPEREZB-sc100-zero-trust

JamesJBarnett · web-flow · commit b9d29a8a479a · 2026-02-24T21:54:07.000-07:00
fix header
diff --git a/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/3b-design-solutions-rapid-modernization-plan.yml b/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/3b-design-solutions-rapid-modernization-plan.yml
@@ -1,13 +1,13 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-microsoft-cybersecurity-cloud-security-benchmark.design-solutions-rapid-modernization-plan
-title: Design solutions that align to a Zero Trust rapid modernization plan
+title: Design solutions that align with the Zero Trust adoption framework
 metadata:
-  title: Design solutions that align to a Zero Trust rapid modernization plan
-  description: "SC-100 preparatory content on topic: Design solutions that align to a Zero Trust rapid modernization plan (RaMP)."
-  ms.date: 02/07/2026
+  title: Design solutions that align with the Zero Trust adoption framework
+  description: "SC-100 preparatory content on topic: Design solutions that align with the Zero Trust adoption framework."
+  ms.date: 02/24/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 11
+durationInMinutes: 9
 content: |
   [!include[](includes/3b-design-solutions-rapid-modernization-plan.md)]
diff --git a/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/0-introduction.md b/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/0-introduction.md
@@ -10,12 +10,6 @@ In this module, you learn how to:
 
 - Use the Microsoft Cybersecurity Reference Architecture (MCRA) to design more secure solutions.
 - Use Microsoft Cloud Security Benchmark (MCSB) to design more secure solutions.
-- Design solutions with best practices for security capabilities and controls.
-- Design solutions for protecting against insider threats, external attacks, and supply chain attacks.
-- Design AI solutions that align to the Microsoft Cloud Security Benchmark.
-- Design solutions to align to a Zero Trust rapid modernization plan.
-
-The content in the module helps you prepare for the certification exam SC-100: Microsoft Cybersecurity Architect.
 
 ## Prerequisites
 
diff --git a/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/3b-design-solutions-rapid-modernization-plan.md b/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/3b-design-solutions-rapid-modernization-plan.md
diff --git a/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/5-summary.md b/learn-pr/wwl-sci/design-solutions-microsoft-cybersecurity-cloud-security-benchmark/includes/5-summary.md
@@ -4,7 +4,7 @@ You also learned how to design solutions that protect against three distinct thr
 
 You explored AI security and its three core pillars: AI platform security, AI application security, and monitoring and response. The MCSB v2 AI controls (AI-1 through AI-7) provide a framework for addressing AI-specific risks like model theft, prompt injection, and adversarial attacks.
 
-Finally, you learned about the Zero Trust Rapid Modernization Plan (RaMP), which provides a prioritized approach to implementing Zero Trust. RaMP focuses on high-impact initiatives—identity protection, privileged access security, and data protection—that reduce risk quickly while building toward comprehensive Zero Trust adoption.
+Finally, you learned about the Zero Trust cloud adoption framework, which provides a methodical approach to implementing Zero Trust across your digital estate and can help accelerate adoption.
 
 The main takeaways from this module are:
 
@@ -18,10 +18,6 @@ In this module, you learned how to:
 
 - Use the Microsoft Cybersecurity Reference Architecture (MCRA) to design more secure solutions.
 - Use Microsoft Cloud Security Benchmark (MCSB) to design more secure solutions.
-- Design solutions with best practices for security capabilities and controls.
-- Design solutions for protecting against insider threats, external attacks, and supply chain attacks.
-- Design AI solutions that align to the Microsoft Cloud Security Benchmark.
-- Design solutions that align to a Zero Trust rapid modernization plan.
 
 ## Learn more with security documentation
 
@@ -30,7 +26,6 @@ In this module, you learned how to:
 - [Overview of the Microsoft Cloud Security Benchmark](/security/benchmark/azure/overview)
 - [MCSB v2 AI Security Controls](/security/benchmark/azure/mcsb-v2-artificial-intelligence-security)
 - [Security for AI](/security/ai/)
-- [Zero Trust Rapid Modernization Plan](/security/zero-trust/zero-trust-ramp-overview)
 - [What is Zero Trust?](/security/zero-trust/zero-trust-overview)
 - [Zero Trust adoption framework overview](/security/zero-trust/adopt/zero-trust-adoption-overview)
 - [Rapidly modernize your security posture](/security/zero-trust/adopt/rapidly-modernize-security-posture)
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/2a-describe-frameworks.yml b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/2a-describe-frameworks.yml
@@ -9,6 +9,6 @@ metadata:
   ms.author: ceperezb
   ms.topic: unit
   ai-usage: ai-generated
-durationInMinutes: 6
+durationInMinutes: 5
 content: |
   [!include[](includes/2a-describe-frameworks.md)]
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/3-zero-trust-initiatives.yml b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/3-zero-trust-initiatives.yml
@@ -4,10 +4,10 @@ title: Describe the Zero Trust adoption framework and rapid modernization plan
 metadata:
   title: Describe the Zero Trust adoption framework and rapid modernization plan
   description: "Describe the Zero Trust adoption framework and rapid modernization plan."
-  ms.date: 02/11/2026
+  ms.date: 02/24/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
-durationInMinutes: 6
+durationInMinutes: 4
 content: |
   [!include[](includes/3-zero-trust-initiatives.md)]
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/3a-describe-how-frameworks-relate.yml b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/3a-describe-how-frameworks-relate.yml
@@ -4,11 +4,11 @@ title: Describe how the frameworks relate to each other
 metadata:
   title: Describe How the Frameworks Relate to Each Other
   description: "Learn how CAF, WAF, MCRA, MCSB, and the Zero Trust adoption framework work together as a comprehensive system for cybersecurity."
-  ms.date: 02/11/2026
+  ms.date: 02/24/2026
   author: ceperezb
   ms.author: ceperezb
   ms.topic: unit
   ai-usage: ai-generated
-durationInMinutes: 5
+durationInMinutes: 4
 content: |
   [!include[](includes/3a-describe-how-frameworks-relate.md)]
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/0-introduction.md b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/0-introduction.md
@@ -1,6 +1,6 @@
 As a cybersecurity architect, you're responsible for designing security strategies that protect your organization's digital estate. To do this effectively, you need to understand the best practice frameworks available to you and how they work together.
 
-This module introduces you to the concept of Zero Trust, common security antipatterns, and the key best practice frameworks that Microsoft provides for cybersecurity. You explore the Cloud Adoption Framework (CAF), the Azure Well-Architected Framework (WAF), the Microsoft Cybersecurity Reference Architectures (MCRA), and the Microsoft cloud security benchmark (MCSB). You also learn about the Zero Trust adoption framework and the rapid modernization approach.
+This module introduces you to the concept of Zero Trust, common security antipatterns, and the key best practice frameworks that Microsoft provides for cybersecurity. You explore the Cloud Adoption Framework (CAF), the Azure Well-Architected Framework (WAF), the Microsoft Cybersecurity Reference Architectures (MCRA), and the Microsoft cloud security benchmark (MCSB). You also learn about the Zero Trust adoption framework.
 
 This module is the first in a series that makes up the Cybersecurity Architects training content. Later modules cover these frameworks in greater depth from a design and evaluation perspective. Here, the focus is on understanding what each framework is, what it provides, and when to use it.
 
@@ -11,7 +11,7 @@ By the end of this module, you're able to:
 - Describe common security antipatterns and the role of best practices for cybersecurity architects.
 - Describe the concept of Zero Trust and its guiding principles.
 - Describe the purpose and scope of CAF, WAF, MCRA, and MCSB.
-- Describe the Zero Trust adoption framework and the approach to rapid modernization.
+- Describe the Zero Trust adoption framework.
 - Describe how the different best practice frameworks relate to each other.
 
 ## Prerequisites
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/2a-describe-frameworks.md b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/2a-describe-frameworks.md
@@ -1,6 +1,6 @@
 Microsoft provides several best practice frameworks that cybersecurity architects use to design and evaluate security across the organization. Each framework serves a different purpose and audience. Understanding the scope and intent of each framework helps you choose the right guidance for a given situation.
 
-## Cloud Adoption Framework
+## Microsoft Cloud Adoption Framework
 
 The Microsoft Cloud Adoption Framework (CAF) is a structured roadmap that helps organizations successfully adopt Azure and integrate it into their existing IT environments. CAF provides best practices and guidance throughout the entire cloud adoption lifecycle.
 
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/3-zero-trust-initiatives.md b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/3-zero-trust-initiatives.md
@@ -1,55 +1,31 @@
-Implementing Zero Trust across an organization is a major transformation. It requires a structured approach that goes beyond deploying individual technologies. Microsoft provides two complementary approaches: the Zero Trust adoption framework for strategic planning and the Rapid Modernization Plan (RaMP) for quick wins.
+Implementing Zero Trust across an organization is a major transformation that requires a structured approach beyond deploying individual technologies. The Zero Trust adoption framework provides strategic planning guidance for this transformation.
 
 ## Zero Trust adoption framework
 
-The Zero Trust adoption framework helps organizations plan and execute a Zero Trust strategy across their entire digital estate. It adapts the lifecycle phases from the Cloud Adoption Framework for Azure, but with a scope suited to Zero Trust.
+The Zero Trust adoption framework helps organizations plan and execute a Zero Trust strategy across their entire digital estate. It adapts the lifecycle phases from the Cloud Adoption Framework for Azure to the unique scope of Zero Trust—introducing new security configurations across an entire digital estate rather than onboarding individual workloads.
 
 Adopting a Zero Trust strategy requires buy-in from across the C-suite. Security isn't the responsibility of one team—it's a shared business responsibility aligned to business outcomes. Each C-level role has a stake in Zero Trust, from the CEO who needs an integrated approach to security, to the CFO who needs measurable accountability for security spend.
 
-The Zero Trust adoption framework uses these lifecycle phases:
+The framework organizes adoption around a lifecycle with five phases:
 
 | Phase | Description |
 |---|---|
 | **Define strategy** | Build a business case focused on the outcomes most closely aligned with your organization's risks and strategic goals. |
 | **Plan** | Prioritize quick wins and incremental progress. Structure coherent initiatives with clear outcomes, benefits, and ownership. |
-| **Ready** | Create a multilayer strategy for your Zero Trust deployment and prioritize early actions based on business needs. |
+| **Ready** | Evaluate, test, and pilot security configurations. Prioritize early actions based on business needs. |
 | **Adopt** | Incrementally implement the strategy across functional areas. |
-| **Govern** | Track and measure the success of your deployment. |
-| **Manage** | Use monitoring and detection technologies. Incrementally mature each functional area. |
+| **Govern and manage** | Track and measure the success of your deployment. Use monitoring and detection technologies to incrementally mature each functional area. |
 
-:::image type="content" source="../media/zero-trust-adoption-framework.png" alt-text="Diagram showing the Zero Trust adoption framework lifecycle phases including Define strategy, Plan, Ready, Adopt, Govern, and Manage.":::
+:::image type="content" source="../media/zero-trust-adoption-framework.png" alt-text="Diagram showing the Zero Trust adoption framework lifecycle phases including Define strategy, Plan, Ready, Adopt, and Govern and manage.":::
 
-### How it differs from the Cloud Adoption Framework
+### Business scenarios
 
-The Cloud Adoption Framework focuses on introducing new apps and services into an organization, with a repeatable process for each workload added to the digital estate. Zero Trust adoption requires a different scope: introducing new security configurations across an entire digital estate.
+The framework applies the lifecycle through business scenarios that break work into concrete objectives. Each objective is a technical project that moves through the lifecycle independently, and you can stagger objectives so multiple workstreams progress in parallel. The framework includes these business scenarios:
 
-The scale motion for Zero Trust is two-dimensional:
+- **Rapidly modernize your security posture**: Build the organizational capacity and basic security hygiene needed for every other scenario.
+- **Secure remote and hybrid work**: Apply Zero Trust protections to identities, devices, and applications for remote access.
+- **Identify and protect sensitive business data**: Discover, classify, and protect sensitive data across your digital estate.
+- **Prevent or reduce business damage from a breach**: Limit blast radius through segmentation, threat detection, and response capabilities.
+- **Meet regulatory and compliance requirements**: Align Zero Trust protections with regulatory frameworks and track compliance status.
 
-1. Take a piece of the Zero Trust architecture, such as data protection, and scale it across the entire digital estate.
-2. Repeat the process with each additional piece of the Zero Trust architecture, starting with strategic quick wins and foundational elements, then advancing to more complex areas.
-
-:::image type="content" source="../media/zero-trust-architecture.png" alt-text="Diagram showing the Zero Trust architecture with technology pillars scaled across the digital estate.":::
-
-The Zero Trust adoption framework recommends building a strategy through business scenarios, including:
-
-- Rapidly modernize your security posture.
-- Secure remote and hybrid work.
-- Identify and protect sensitive business data.
-- Prevent or reduce business damage from a breach.
-- Meet regulatory and compliance requirements.
-
-## Zero Trust Rapid Modernization Plan
-
-The Zero Trust Rapid Modernization Plan (RaMP) provides a set of deployment paths to quickly implement key layers of protection. RaMP takes a project management and checklist approach. It provides a suggested mapping of key stakeholders, implementers, and their accountabilities, along with checklists of deployment objectives and implementation steps.
-
-Zero Trust is a major transformation, so it's critical to start with the most impactful items that deliver the most security and productivity gains with the least investment of time and resources.
-
-The Zero Trust RaMP is included in the Microsoft Cybersecurity Reference Architectures (MCRA) and aligns to these recommended security modernization initiatives:
-
-- **Secure identities and access:** Focus on using cloud-based security capabilities to rapidly modernize access control and increase both productivity and security assurances.
-- **Data security and governance, risk, compliance (GRC):** Focus on ensuring the organization can rapidly recover from a ransomware or extortion attack without paying attackers, and protect the most valuable business-critical data.
-- **Modern security operations:** Focus on streamlining responses to common attacks, getting end-to-end visibility across the enterprise, and automating manual tasks that slow down analysts.
-- **Infrastructure and development security:** Focus on security hygiene, reducing legacy risk, integrating security into DevOps and development processes, and applying microsegmentation concepts.
-- **Operational technology (OT) and Internet of Things (IoT) security:** Focus on quickly discovering, protecting, and monitoring these systems for attacks.
-
-Together, the adoption framework and RaMP give you both the strategic planning structure and the tactical quick wins needed to make progress on your Zero Trust journey.
+The *Rapidly modernize your security posture* scenario is typically the starting point because it builds the organizational capacity—strategy alignment, risk assessment, security hygiene, and a repeatable adoption process—needed to systematically execute the other business scenarios. In turn, the other scenarios supply the technical objectives that feed through this process and accelerate the overall transformation.
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/3a-describe-how-frameworks-relate.md b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/3a-describe-how-frameworks-relate.md
@@ -10,28 +10,17 @@ All of these frameworks share Zero Trust as a foundational security philosophy,
 - **MCSB** operates at the **control level**. It provides prescriptive security controls organized into domains, mapped to compliance standards. MCSB helps you decide *which specific controls to implement and monitor*.
 - **Zero Trust adoption framework** operates at the **strategy level**. It provides a phased business-driven approach to implementing Zero Trust across the organization. It helps you decide *how to plan and execute your Zero Trust transformation*.
 
-## How the frameworks connect
-
-The Microsoft cloud security benchmark draws from multiple sources, including the Cloud Adoption Framework and the Azure Well-Architected Framework, along with industry standards such as CIS, NIST, and PCI-DSS. When you implement MCSB controls, you're applying guidance that's already aligned with these broader frameworks.
-
-CAF references WAF for workload-level design and optimization. When CAF guides you to adopt or govern workloads, WAF provides the detailed design principles for those individual workloads. Similarly, CAF's security methodology draws on MCRA for reference architecture guidance.
-
-MCRA includes the Zero Trust RaMP, which prioritizes security modernization initiatives. These initiatives map to the Zero Trust technology pillars and provide the tactical steps that the Zero Trust adoption framework organizes into a broader strategic plan.
-
-The Zero Trust adoption framework adapts CAF's lifecycle phases (Define strategy, Plan, Ready, Adopt, Govern, Manage) but applies them to security transformation across the entire digital estate rather than to individual workload adoption.
-
 ## Choosing the right framework
 
 The following table summarizes when to use each framework:
 
 | Framework | When to use | Primary audience |
 |---|---|---|
-| **CAF** | When you're looking to create and implement business and technology strategies for cloud adoption. | Cloud architects, IT professionals, business decision makers |
-| **WAF** | When you're looking to improve the quality of an individual cloud workload. | Cloud architects, IT professionals |
-| **MCRA** | When you need a starting template for security architecture, a comparison reference, or need to learn about Microsoft cybersecurity capabilities. | Cloud architects, IT professionals |
-| **MCSB** | When you need guidance on implementing specific security controls and monitoring compliance against industry standards. | Cloud architects, IT professionals |
+| **Microsoft Cloud Adoption Framework (CAF)** | When you're looking to create and implement business and technology strategies for cloud adoption. | Cloud architects, IT professionals, business decision makers |
+| **Azure Well-Architected Framework (WAF)** | When you're looking to improve the quality of an individual cloud workload. | Cloud architects, IT professionals |
+| **Microsoft Cybersecurity Reference Architectures (MCRA)** | When you need a starting template for security architecture, a comparison reference, or need to learn about Microsoft cybersecurity capabilities. | Cloud architects, IT professionals |
+| **Microsoft cloud security benchmark (MCSB)** | When you need guidance on implementing specific security controls and monitoring compliance against industry standards. | Cloud architects, IT professionals |
 | **Zero Trust adoption framework** | When you want a phased, business-driven approach to implementing Zero Trust from strategy through management. | Security architects, IT teams, project managers |
-| **Zero Trust RaMP** | When you want to get started with Zero Trust and make progress quickly by prioritizing the highest-impact areas. | Cloud architects, IT professionals, business decision makers |
 
 ## Think of it as a system
 
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/7-summary.md b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/includes/7-summary.md
diff --git a/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/index.yml b/learn-pr/wwl-sci/introduction-zero-trust-best-practice-frameworks/index.yml
