SC-300: Identity and Access Administrator

SC-300 Course: Microsoft Identity and Access Administrator

The Microsoft Identity and Access Administrator course explores how to design, deploy, and operate an organization’s identity and access management systems using Azure AD . Learn how to manage tasks such as providing secure access with authentication and authorization to enterprise applications. You’ll also learn how to provide simple experiences and self-service administration capabilities for all users. Finally, learn how to build adaptive access and governance for identity and access management solutions, ensuring that you can troubleshoot, monitor, and report on your environment. The identity and access administrator can be a single person or a member of a larger team. Learn how this role collaborates with many other roles in the organization to drive strategic identity projects. The ultimate goal is to provide knowledge to modernize identity solutions, deploy hybrid identity solutions, and implement identity governance.

The course includes the certification exam as a gift opportunity! *Promotion valid until February 28th only for clients from Spain

Course aimed at

This course is intended for Identity and Access Administrators who plan to take the Associate certification exam or who perform Identity and Access Management tasks in their daily work. This course would also be useful for an administrator or engineer who wants to specialize in providing Identity and Access Management solutions for Azure-based solutions; playing an integral role in securing an organization.

Elements of the SC-300 collection

• Exploring Identity and Azure AD (16 Units)
• Implementing Azure Active Directory Initial Configuration (11 Units)
• Create, configure and manage identities (14 units)
• Implementing and managing external identities (16 units)
• Implementing and managing a hybrid identity (11 Units)
• Securing Azure Active Directory Users with Multi-Factor Authentication (6 Pack)
• Managing User Authentication (12 Units)
• Planning, Implementing, and Managing Conditional Access (13 Units)
• Azure AD Identity Protection Administration (10 Units)
• Implementing Access Management for Azure Resources (11 Units)
• Planning and Designing Enterprise Application Integration for SSO (10 Units)
• Implementing and Monitoring Enterprise Application Integration for Single Sign-On (10 Units)
• Implementing Application Registry (11 Units)
• Planning and Implementing Rights Management (10 Units)
• Access Review Planning, Implementation and Management (9 Units)
• Planning and Implementing Privileged Access (11 Units)
• Azure Active Directory Monitoring and Maintenance (9 Units)

SC-300 Course Content

Module 1. Exploring identities in Microsoft Enter ID
Lessons:
- Security Scan
- Identity Management Concepts
- Authentication and authorization
- Audit and other identity concepts

Module 2. Implementing an Identity Management Solution
Lessons:
- Create, configure and manage identities
- Set up and manage Microsoft Sign In ID
- Implementation and management of external identities
- Implementing and managing a hybrid identity
Laboratories:
Lab 00 - Lab Setup
Lab 01 - User Role Management
Lab 02: Working with tenant properties
Lab 03: Assigning licenses with group membership
Lab 04: Configuring External Collaboration Settings
Lab 05: Adding Guest Users to a Directory
Lab 06: Adding a Federated Identity Provider
Lab 07: Optional — Add Hybrid Identity with Microsoft Entra Connect

Module 3. Implement an access management and authentication solution
Lessons:
- Plan and implement Microsoft Multi-Factor Authentication (MFA)
- Manage user authentication
- Planning, implementing and managing conditional access
- Manage Microsoft Sign in ID Protection
- Implementing access management for Azure resources
Laboratories:
Lab 08: Enabling multi-factor authentication
Lab 09: Enabling Microsoft Self-Service Password Reset Enter
Lab 10: Microsoft Entra ID Authentication for Windows and Linux Virtual Machines
Lab 11: Assign Azure Resource Roles in Privileged Identity Management
Lab 12: Managing Microsoft Smart Lock Settings Enter
Lab 13: Implement and Test a Conditional Access Policy
Lab 14: Enabling user login and risk policies
Lab 15: Setting up an MFA registration policy
Lab 16: Use Azure Key Vault for managed identities

Module 4. Implementing access management for applications
Lessons:
What is an app?
Plan and design enterprise application integration for single sign-on (SSO).
Implement and monitor enterprise application integration
Implement application logs
Laboratories:
Lab 17: Detecting Defender for Cloud Apps and Enforcing Restrictions
18: Defender for Cloud Apps access policies
19: Register an application
20: Implement access management for applications
21: Grant tenant-wide admin consent to an app

Module 5. Planning and implementing an Identity Governance strategy
Lessons:
Planning and implementing rights management
Plan, implement and manage access reviews
Planning and implementing privileged access
Microsoft Sign In ID Monitoring and Maintenance
Laboratories:
Lab 22: Create and manage a resource catalog in Microsoft Rights Management Enter
Lab 23: Adding Terms of Use and Acceptance Report
Lab 24: Managing the External User Lifecycle in Microsoft Entra Identity Governance Configuration
Lab 25: Create Access Reviews for Internal and External Users
Lab 26: Configure Privileged Identity Management for Microsoft Entra roles
Lab 27: Microsoft Sentinel Kusto Queries for Microsoft Data Sources Enter
Lab 28: Monitor and manage security posture with Identity Security Score

Prerequisites

Before attending this course, students must have knowledge of:

• Security best practices and industry security requirements, such as defense in depth, least privilege access, shared responsibility, and zero trust model
• Familiarize yourself with identity concepts such as authentication, authorization, and Active Directory
• Have some experience deploying Azure workloads This course does not cover the basics of Azure administration, but the course content builds on that knowledge by adding security-specific information.
• Some experience with Windows and Linux operating systems and scripting languages ​​is helpful, but not required. Course labs may use PowerShell and the CLI.

Language

• Course: English / Spanish
• Labs: English / Spanish

Microsoft Associate Certification

Microsoft Certified: Identity and Access Administrator Associate

Demonstrate Microsoft Sign In ID features to modernize identity solutions, deploy hybrid solutions, and implement identity governance.

Level: Intermediate
Role: Security Engineer
Product: Azure
Subject: Security