SC-300: Identity and Access Administrator

SC-300 Course: Microsoft Identity and Access Administrator

The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization's identity and access management systems using Azure AD . Learn how to manage tasks such as providing secure access with authentication and authorization to enterprise applications. You'll also learn how to provide simple experiences and self-service administration capabilities for all users. Finally, learn how to build adaptive access and governance for identity and access management solutions, ensuring you can troubleshoot, monitor, and report on your environment. The Identity and Access Administrator can be a single person or a member of a larger team. Learn how this role collaborates with many other roles in the organization to drive strategic identity projects. The ultimate goal is to provide knowledge for modernizing identity solutions, implementing hybrid identity solutions, and implementing identity governance.

The course includes a certification exam and a bonus gift opportunity in virtual mode! *Promotion valid until August 31st, for customers in Spain only. Does not apply to self-learning mode.

Course aimed at

This course is designed for identity and access administrators who plan to take the associated certification exam or who perform identity and access management tasks in their daily work. This course would also be useful for an administrator or engineer who wants to specialize in providing identity solutions and access management systems for Azure-based solutions, playing an integral role in securing an organization.

Elements of the SC-300 formation

• Exploring Identity and Azure AD (16 Units)
• Implementing Azure Active Directory Initial Configuration (11 Units)
• Create, configure and manage identities (14 Units)
• Implementation and management of external identities (16 Units)
• Implementing and Managing a Hybrid Identity (11 Units)
• Securing Azure Active Directory Users with Multi-Factor Authentication (6 Units)
• Managing User Authentication (12 Units)
• Planning, Implementing, and Managing Conditional Access (13 Units)
• Managing Azure AD Identity Protection (10 Units)
• Implementing Access Management for Azure Resources (11 Units)
• Planning and Designing Enterprise Application Integration for SSO (10 Units)
• Implementing and Monitoring Enterprise Application Integration for Single Sign-On (10 Units)
• Implementing Application Logging (11 Units)
• Planning and Implementing Rights Management (10 Units)
• Planning, Implementation, and Administration of Access Review (9 Units)
• Planning and Implementing Privileged Access (11 Units)
• Azure Active Directory Monitoring and Maintenance (9 Units)

SC-300 Course Content

Module 1. Exploring identities in Microsoft Enter ID
Lessons:
- Security Scanning
- Identity management concepts
- Authentication and authorization
- Audit and other identity concepts

Module 2. Implementing an Identity Management Solution
Lessons:
- Create, configure, and manage identities
- Set up and manage Microsoft Sign In ID
- Implementation and management of external identities
- Implementation and management of a hybrid identity
Laboratories:
Lab 00 - Lab Setup
Lab 01 - Managing User Roles
Lab 02: Working with Tenant Properties
Lab 03: Assigning licenses with group membership
Lab 04: Configuring External Collaboration Settings
Lab 05: Adding Guest Users to a Directory
Lab 06: Adding a Federated Identity Provider
Lab 07: Optional — Adding Hybrid Identity with Microsoft Entra Connect

Module 3. Implementing an access and authentication management solution
Lessons:
- Plan and implement Microsoft Multi-Factor Authentication (MFA)
- Manage user authentication
- Planning, implementation and management of conditional access
- Manage Microsoft Sign in ID Protection
- Implementing access management for Azure resources
Laboratories:
Lab 08: Enabling Multi-Factor Authentication
Lab 09: Enabling Microsoft Self-Service Password Reset
Lab 10: Microsoft Authentication Enter ID for Windows and Linux Virtual Machines
Lab 11: Assigning Azure Resource Roles in Privileged Identity Management
Lab 12: Managing Microsoft Smart Lock Settings
Lab 13: Implementing and Testing a Conditional Access Policy
Lab 14: Enabling user login and risk policies
Lab 15: Configuring an MFA Registration Policy
Lab 16: Use Azure Key Vault for managed identities

Module 4. Implement access management for applications
Lessons:
What is an app?
Plan and design enterprise application integration for single sign-on (SSO).
Implement and monitor enterprise application integration
Implement application logs
Laboratories:
Lab 17: Detecting Defender for Cloud Apps and Enforcing Restrictions
18: Defender for Cloud Apps access policies
19: Register an application
20: Implement access management for applications
21: Grant tenant-wide admin consent to an application

Module 5. Planning and implementing an Identity Governance strategy
Lessons:
Planning and implementing rights management
Plan, implement, and manage access reviews
Planning and implementing privileged access
Monitoring and maintaining Microsoft ID
Laboratories:
Lab 22: Create and Manage a Resource Catalog in Microsoft Entitlement Management
Lab 23: Adding the Terms of Use and Acceptance Report
Lab 24: Managing the External User Lifecycle in Microsoft Identity Governance Configuration
Lab 25: Creating Access Reviews for Internal and External Users
Lab 26: Configure Privileged Identity Management for Microsoft Entra roles
Lab 27: Microsoft Sentinel Kusto Queries for Microsoft Entra Data Sources
Lab 28: Monitor and manage security posture with the Identity Security Score

Prerequisites

Before attending this course, students should have knowledge of:

• Security best practices and industry security requirements, such as defense in depth, least privilege access, shared responsibility, and zero trust.
• Become familiar with identity concepts such as authentication, authorization, and Active Directory
• Have some experience deploying Azure workloads This course does not cover the basics of Azure administration, but the course content builds on that knowledge by adding specific security information.
• Some experience with Windows and Linux operating systems and scripting languages ​​is helpful, but not required. Course labs may use PowerShell and the CLI.

Language

• Course: English / Spanish
• Labs: English / Spanish

Microsoft Associate Certification: Identity and Access Administrator Associate

Microsoft Certified: Identity and Access Administrator Associate

Demonstrate the features of Microsoft Sign In ID to modernize identity solutions, implement hybrid solutions, and implement identity governance.

Level: Intermediate
Role: Security Engineer
Product: Azure
Subject: Security