Please check answer of both the queries below :
How can i set the security key as a default sign in method?
You cannot set Security Key as default login option for users because not all Microsoft applications currently supports security Keys based sign-in. Eg : Azure AD PowerShell, Login to AzureAD/Office 365 services on IOS or even with Outlook/Teams etc running on windows. Security key (FIDO2) based sign-in is an optional feature and unless all Microsoft services are compatible with security key based login, it wont makes sense to force it. Alternatively, you can use MS authenticator app based sign in as default method as it is supported by all web and modern authentication supported clients.
How can i disable the option of using SMS as a MFA for just some users (those who have a security token) and let other users keep using SMS as MFA?
MFA methods can be set on tenant level which means if you want to disable SMS as MFA method, you can do it from MFA settings, however, it will remove this option for all users. I believe the best option will be to keep MFA methods like Authenticator App, OATH token ( Hard token ) and Phone call. SMS is anyways not considered as secured option and should be used only when other better options cannot be used.
I hope this answer your queries, if not please let me know and i will try to help you further.