Microsoft Identity and Access Administrator (SC-300) Online Course

The Microsoft Identity and Access Administrator designs, implements, and operates an organization’s identity and access management systems by using Azure Active Directory (Azure AD). They manage tasks such as providing secure authentication and authorization access to enterprise applications. The administrator provides seamless experiences and self-service management capabilities for all users. Adaptive access and governance are core elements to the role. This role is also responsible for troubleshooting, monitoring, and reporting for the identity and access environment. 

This course starts with implementing the initial configuration of Azure Active Directory, then covers creating, configuring, and managing identities, followed by implementing and managing external identities.


Course Table of Contents

Introduction to the Course

  • SC 300 - Course Introduction

Module 1 - Implement an Identity Management Solution (25-30%)

  • Module 1 - Introduction
  • Active Directory – Throw Back
  • What is Azure Active Directory
  • Who Uses Azure AD
  • Azure AD Roles
  • Differences Between Azure Roles and Azure AD Roles
  • Capabilities of Global Admin
  • Azure AD Roles - Lab Activity
  • Azure AD - Custom Roles
  • Custom Domains
  • Deleting Custom Domains
  • Bring Your Devices
  • Azure AD Registered Devices
  • Azure AD Join
  • Azure AD Domain Join - Lab
  • Azure AD - Hybrid Joined
  • Azure AD - Administrative Units
  • Administrative Units - Lab Activity
  • Planning and Delegation - Administrative Units
  • Plan for Delegation
  • Security Defaults
  • Create Configure and Manage Identities - Introduction
  • Azure Active Directory - Users
  • Azure Active Directory - Groups
  • Managing Licenses
  • License Requirements
  • Licensing Features
  • Implement and Manage External Identities - Introduction
  • Azure AD B2B Collaboration
  • Azure AD B2B - Lab Activity
  • Azure AD External Collaboration Settings
  • Dynamic Groups
  • Dynamic Groups - Lab
  • Azure AD B2B - Google Auth - Demo
  • Implement and Manage Hybrid Identity
  • Plan, Design, and Implement Azure AD Connect
  • Need for AD Connect
  • Selecting the Right Authentication Method
  • Azure AD Password Hash Synchronization (PHS)
  • Azure AD Pass Through Authentication (PTA)
  • Federated Authentication
  • Architecture diagrams
  • Azure AD Design Considerations
  • Azure AD Connect Components
  • PHS - How Does it Work?
  • Azure AD Connect - Lab
  • Troubleshooting Sync Errors
  • Data Mismatch Errors - InvalidSoftMatch
  • Data Mismatch Errors - ObjectTypeMismatch
  • Duplicate Attributes - AttributeValueMustBeUnique
  • Data Validation Failures - IdentityDataValidationFailed
  • FederatedDomainChangeError
  • LargeObjects Error
  • Azure AD Connect Health - Installation
  • Azure AD Connect Health
  • Self Remediation and Orphaned Objects
  • Lab 1 - Assigning Roles to User Accounts
  • Lab 2 - Tenant Properties
  • Lab 3 - Assigning Licenses to Groups
  • Lab 4 - External Collaboration Settings
  • Lab 5 - Restoring Deleted Users
  • Module 1 - Summary

Module 2 - Implement an Authentication and Access Management Solution (25-30%)

  • Module 2 - Introduction
  • Plan and Implement Azure Multifactor Authentication - Introduction
  • What is Azure AD MFA?
  • How Multi-Factor Authentication works
  • Planning the MFA
  • Enforcing MFA with Conditional Access
  • Deciding Supported Authentication Methods
  • Azure AD Authentication Methods
  • Monitoring and Usage
  • Manage User Authentication - Introduction
  • Password Less Authentication - Introduction
  • Security Usability Availability of Authentication - Methods
  • Configuring Fido Key for a User - Lab
  • Windows Hello for Business
  • Windows Hello for Business Works - Key Points
  • Azure AD Password - Protection
  • Azure AD Password Protection - Lab Activity
  • Multiple Forests and RODC - Considerations
  • Plan, Implement, and Manage Conditional Access
  • Security Defaults
  • What Policies are Enforced and to Whom?
  • Blocking legacy - Authentication
  • Conditional Access Policies - Planning
  • Conditional Access policies - Benefits
  • Conditional Access policies - Components
  • Conditional Access Policies - Best Practices
  • Conditional Access Policies - Most Common Policies
  • Conditional Access Policies - Build and Test Policies
  • Conditional Access Policies - Build and Test Policies - II
  • Sign-in Risk and User Risk - Conditional Access Policy
  • Conditional Access Policy - Blocking Locations - Lab
  • Troubleshooting Using Sign-in Logs
  • Device Compliance
  • Conditional Access Policy - Device Compliance - Lab
  • User Exclusions
  • Conditional Access Policy - O365 Block MFA Required - Lab
  • Test and Troubleshoot Conditional Access Policies
  • Implement Application Controls and Application
  • Scenario 1 - Microsoft 365 Apps Require an Approved Client
  • Scenario 2 - Exchange Online and SharePoint Online
  • App Protection Policies Overview
  • How Can You Protect App Data
  • Manage Azure AD Identity Protection - Introduction
  • Manage Azure AD Identity Protection
  • Risk Detection And Remediation
  • Permissions
  • License Requirements
  • Sign-in and User Risk Policy
  • Choosing Acceptable Risk Policy
  • Prerequisites of Self Remediation
  • Navigating Through the Reports - Lab
  • Remediate Risks and Unblock Users
  • User Risk Remediation Options
  • Unblocking Users
  • Enable Azure AD MFA - EnterpriseWide - Lab
  • Deploy SSPR - Setup
  • Security Defaults - Lab
  • Control User Sign-in Frequency - Lab
  • Smart Lockout Values
  • Configuring User and Sign-in Risk Policy
  • Configure Azure AD MFA Registration Policy
  • Module 2 Summary

Module 3 – Implement Access Management for Apps (10-15%)

  • Module 3 – Introduction and Objectives
  • Microsoft Cloud App Security – CASB (Cloud Access Security Broker) Solution from Microsoft
  • MCAS Architecture
  • Need to Migrate to ADFS (Active Directory Federation Services)
  • Discover ADFS Applications - Lab
  • Design and Implement App Management Roles
  • Restrict Who Can Create Applications
  • Configure SaaS Based Applications
  • Implement and Monitor SSO Apps - Introduction
  • Token Customizations
  • What is a consent
  • User Consent Settings
  • What is Azure Application Proxy
  • How does Azure Application Proxy Work
  • Comparison of Various Protocols Used by IDPs
  • Implement Application User Provisioning
  • Manual Versus Automatic Provisioning
  • SCIM (System for Common Identity Management)
  • SCIM Demonstration
  • SCIM - Attribute Exchange
  • Usage, Insights and Audit Reports for Enterprise Applications
  • Application Registrations
  • The Need to Integrate Applications with Azure AD
  • What are Application Objects
  • What are Service Principals
  • Relation Between Application Objects and Services Principals
  • Roles and Permissions Required
  • Tenants - Who Can Sign-in to Your New App
  • Azure Application Registrations
  • Types of Permissions - Delegated and Application
  • Requesting Individual User Consent
  • Manifest File, Token, and Claims
  • Integrate Applications with Azure AD - Lab Activity
  • Troubleshooting SAML
  • Module 3 - Summary

Module 4 – Plan and Implement an Identity Governance Strategy (25-30%)

  • Module 4 - Introduction
  • Planning and Implementing Entitlement Management - Introduction
  • What is Entitlement Management
  • Capabilities of Entitlement Management
  • Entitlement Management - Terminology
  • What Resources can I Manage with Access Packages
  • How do I Control Who Gets Access
  • When Should I Use Access Packages
  • Plan, Implement, and Manage Access Reviews - Introduction
  • Plan for Access Reviews
  • What is Azure AD Identity Governance
  • Access Reviews - Lab Activity
  • Planning the Scope
  • Components of an Access Review
  • Planning Communications
  • Access Reviews Lab Activity - I
  • Access Reviews Lab Activity - II
  • Managing Licenses for Access Reviews
  • Plan and Implement Privileged Access
  • Azure Active Directory Privileged Identity Management
  • PIM - Stakeholders
  • Principle of Least Privilege - Best Practices for PIM
  • Decide the Roles that Should be Protected by PIM
  • Decide What to Protect with PIM
  • Assign Azure AD Roles in Privileged Identity Management - Lab Activity
  • Configure PIM for Azure Resources
  • Discovering Resources to Manage
  • Audit History - Lab Activity
  • Creating and Managing Emergency Access Accounts - I
  • Creating and Managing Emergency Access Accounts - II
  • Exclusions
  • Validating Emergency Accounts
  • Monitor and Maintain Azure AD - Introduction
  • Analyze Sign-in and Troubleshoot Access Issues - Components
  • Access and Licenses
  • Sign-in Report - Lab Activity
  • Sign in Data - More Information
  • Audit Log - Users and Groups
  • Exporting Logs to Third Party Security Solutions
  • Integration Recommendations
  • Analyze Azure AD Workbooks and Reporting
  • Module 4 - Summary