CertPREP Courseware: Microsoft Identity and Access Administrator (SC-300) — Instructor-led, 180-Day access
Please select required options above
Summary
Please select required options above
This instructor-led Microsoft Identity and Access Administrator course prepares you for the Microsoft Exam SC-300 by focusing on the knowledge needed to configure and manage Azure AD tenants; creating, configuring, and managing Azure AD identities; implementing and managing external identities and hybrid identity; planning, implementing, and managing Azure Multifactor Authentication (MFA), self-service password reset, Azure AD user authentication, and Azure AD conditional access; managing Azure AD Identity Protection; implementing access management for Azure resources; managing and monitoring app access with Microsoft Defender for Cloud Apps; planning, implementing, and monitoring enterprise app integration; enabling app registration; planning and implementing entitlement management and privileged access; planning, implementing, and managing access reviews; and monitor Azure AD. This course focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Identity and Access Administrator Associate level.
The goal of this course is to provide you with all the tools you need to prepare for the SC-300 Microsoft Identity and Access Administrator exam — including text explanations, video demos, lab activities, self-assessment questions, and a practice exam— to increase your chances of passing the exam on your first try.
Course components:
180-day access to:
- Lessons
- Video learning
- MeasureUp Practice Test for Microsoft (SC-300). Practice Mode with remediation and Certification mode to simulate the test day experience.
Duration: 4 days of training.
Audience: An administrator, security engineer, or other IT professional who provides, or plans to provide, secure identity and access services for an enterprise.
Prerequisites: IT professionals who design, implement, and operate an organization’s identity and access management systems by using Microsoft Azure Active Directory (Azure AD).
Course objectives:
Upon successful completion of this course, students should be able to:
- Implement identities in Azure AD.
- Implement an authentication and access management solution.
- Implement Access Management for Apps.
- Plan and implement an Identity Governance strategy.
Required course materials: Instructor-led CertPREP Microsoft Identity and Access Administrator (SC-300) courseware.
Lesson 1: Implement identities in Azure AD (4 hours and 12 minutes)
- Skill 1.1: Skill 1.1: Configure and manage an Azure AD tenant (1 hour).
- Configure and manage Azure AD roles.
- Configure delegation by using administrative units.
- Analyze Azure AD role permissions.
- Configure and manage custom domains.
- Configure tenant-wide settings.
- Skill 1.2: Create, configure, and manage Azure AD identities (48 minutes).
- Create, configure, and manage users.
- Create, configure, and manage groups.
- Configure and manage device joins and registrations, including writeback.
- Assign, modify, and report on licenses.
- Skill 1.3: Implement and manage external identities (48 minutes).
- Manage external collaboration settings in Azure AD.
- Invite external users, individually or in bulk (collectively).
- Manage external user accounts in Azure AD.
- Configure identity providers, including SAML and WS-Fed.
- Skill 1.4: Implement and manage external identities (1 hour and 36 minutes).
- Implement and manage Azure Active Directory Connect.
- Implement and manage Azure AD Connect cloud Sync.
- Implement and manage Password Hash Synchronization (PHS).
- Implement and manage Pass-Through Authentication (PTA).
- Implement and mange Seamless Single Sign-On (Seamless SSO).
- Implement and manager Federation, excluding manual ADFS.
- Implement and manage Azure AD Connect Health.
- Troubleshoot synchronization errors.
- Summary
- Case Study
- Quiz
Lesson 2: Implement an authentication and access management solution (5 hours and 12 minutes).
- Skill 2.1: Plan, implement, and manage Azure Multifactor Authentication (MFA) and self-service password reset (1 hour and 12 minutes).
- Plan Azure MFA deployment, excluding MFA Server.
- Configure and deploy self-service password reset.
- Implement and manage Azure MFA settings.
- Manage MFA settings for users.
- Extend Azure AD MFA to third-party and on-premises devices.
- Monitor Azure AD MFA activity.
- Skill 2.2: Plan, implement, and manage Azure AD user authentication (1 hour and 12 minutes).
- Plan for authentication.
- Implement and manage authentication methods.
- Implement and manage Windows Hello for Business.
- Implement and manage password protection and smart lockout.
- Implement certificate-based authentication in Azure AD.
- Configure Azure AD user authentication for Windows and Linux virtual machines on Azure.
- Skill 2.3: Plan, implement, and manage Azure AD conditional access (1 hour and 36 minutes).
- Plan conditional access policies.
- Implement conditional access policy assignments.
- Implement conditional access policy controls.
- Test and troubleshoot conditional access policies.
- Implement session management.
- Implement device-enforcement restrictions.
- Implement continuous access evaluation.
- Create a conditional access policy from a template.
- Skill 2.4: Manage Azure AD Identity Protection (1 hour).
- Implement and manage a user risk policy.
- Implement and manage sign-in risk policy.
- Implement and manage MFA registration policy.
- Monitor, investigate, and remediate elevated risky users.
- Implement security for workload identities.
- Skill 2.5: Implement access management Azure resources (1 hour and 12 minutes).
- Assign Azure roles.
- Configure custom Azure roles.
- Create and configure managed identities.
- Use managed identities to access Azure resources.
- Analyze Azure role permissions.
- Configure Azure Key Vault RBAC and policies.
- Summary
- Case Study
- Quiz
Lesson 3: Implement Access Management for Apps (3 hours and 24 minutes).
- Skill 3.1: Plan, implement, and monitor for the integration of Enterprise apps for SSO (1 hour and 48 minutes).
- Discover apps by using Microsoft Defender for Cloud Apps or an ADFS application activity report.
- Design and implement app management roles.
- Understand and plan various built-in roles for application management.
- Configure pre-integrated gallery SaaS apps for SSO and implement access management.
- Integrate custom SaaS apps for SSO.
- Implement Application User Provisioning.
- Integrate on-premises apps by using the Azure AD Application Proxy.
- Monitor and audit access/sign-ons to an Azure AD integrated Enterprise application.
- Implement and configure consent settings.
- Skill 3.2: Implement app registrations (36 minutes).
- Plan your line-of-business application registration strategy.
- Implement application registrations.
- Configure application permissions and implement application authorization.
- Skill 3.3: Manage and monitor application access by using Microsoft Defender for Cloud Apps (1 hour).
- Implement application-enforced restrictions.
- Configure connectors to apps.
- Deploy Conditional Access App Control for apps using Azure Active Directory.
- Create access and session policies in Microsoft Defender for Cloud Apps.
- Implement and manage policies for OAuth apps.
- Summary
- Case Study
- Quiz
Lesson 4: Plan and implement an Identity Governance strategy (6 hours).
- Skill 4.1: Plan and implement entitlement management (1 hour and 48 minutes).
- Plan entitlements.
- Create and configure catalogs.
- Create and configure access packages.
- Manage access requests.
- Implement and manage Terms of Use.
- Manage the lifecycle of external users in Azure AD Identity Governance settings.
- Configure and manage connected organizations.
- Review per-user entitlement by using Azure AD entitlement management.
- Configure separation of duties checks for an access package.
- Skill 4.2: Plan, implement, and manage access reviews (1 hour and 36 minutes).
- Plan for access reviews.
- Create and configure access reviews for groups and apps.
- Create and configure access reviews for access packages.
- Create and configure access reviews for Azure AD and Azure resource roles.
- Create and configure access review programs.
- Monitor access review activity.
- Manage licenses for access reviews.
- Respond to access review activity, including automated and manual responses.
- Skill 4.3: Plan and implement privileged access (1 hour).
- Plan and manage Azure roles in Privileged Identity Management (PIM), including settings and assignments.
- Plan and manage Azure resources in PIM, including settings and assignments.
- Plan and configure privileged access groups.
- Analyze PIM audit history and reports.
- Create and manage break-glass accounts.
- Skill 4.4: Monitor Azure AD (1 hour and 36 minutes).
- Design a strategy for monitoring Azure AD.
- Review and analyze sign-in, audit, and provisioning logs by using the Azure AD admin center.
- Configure diagnostic settings, including Log Analytics, storage accounts, and Event Hub.
- Export sign-in and audit logs to a third-party SIEM.
- Monitor Azure AD by using Log Analytics, including KQL queries.
- Analyze Azure AD by using workbooks and reporting in the Azure Active Directory admin center.
- Configure notifications.
- Monitor and improve the security posture by using the Identity Secure Score.
- Summary
- Case Study
- Quiz
Student access for each license to the course content and resources for 6 months including:
- All text, video, and end of lesson questions
- Lab content (where available)
- Practice Test