Course Summary

This Microsoft Identity and Access Administrator course prepares you for the Microsoft Exam SC-300 by focusing on the knowledge  needed to configure and manage Azure AD tenants; creating, configuring, and managing Azure AD identities; implementing and managing external identities and hybrid identity; planning, implementing, and managing Azure Multifactor Authentication (MFA), self-service password reset, Azure AD user authentication, and Azure AD conditional access; managing Azure AD Identity Protection; implementing access management for Azure resources; managing and monitoring app access with Microsoft Defender for Cloud Apps; planning, implementing, and monitoring enterprise app integration; enabling app registration; planning and implementing entitlement management and privileged access; planning, implementing, and managing access reviews; and monitor Azure AD. This course focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Identity and Access Administrator Associate level.

The goal of this course is to provide you with all the tools you need to prepare for the SC-300 Microsoft Identity and Access Administrator exam — including text explanations, video demos, lab activities, self-assessment questions, and a practice exam— to increase your chances of passing the exam on your first try.

Methodology:

180-day access to:

  • Lessons
  • Video learning
  • MeasureUp Practice Test for Microsoft (SC-300). Practice Mode with remediation and Certification mode to simulate the test day experience.
Duration:  

34 hours of primary content. Each learner will learn at their own pace.

Audience:  

An administrator, security engineer, or other IT professional who provides, or plans to provide, secure identity and access services for an enterprise.

Prerequisites:  

IT professionals who design, implement, and operate an organization’s identity and access management systems by using Microsoft Azure Active Directory (Azure AD).

 

Course Outline:

Upon successful completion of this course, students should be able to:

  • Implement identities in Azure AD.
  • Implement an authentication and access management solution.
  • Implement Access Management for Apps.
  • Plan and implement an Identity Governance strategy.

Lesson 1: Implement identities in Azure AD (4 hours and 12 minutes)

  • Skill 1.1: Skill 1.1: Configure and manage an Azure AD tenant (1 hour).
    • Configure and manage Azure AD roles.
    • Configure delegation by using administrative units.
    • Analyze Azure AD role permissions.
    • Configure and manage custom domains.
    • Configure tenant-wide settings.
  • Skill 1.2: Create, configure, and manage Azure AD identities (48 minutes).
    • Create, configure, and manage users.
    • Create, configure, and manage groups.
  • Configure and manage device joins and registrations, including writeback.
    • Assign, modify, and report on licenses.
  • Skill 1.3: Implement and manage external identities (48 minutes).
    • Manage external collaboration settings in Azure AD.
    • Invite external users, individually or in bulk (collectively).
    • Manage external user accounts in Azure AD.
    • Configure identity providers, including SAML and WS-Fed.
  • Skill 1.4: Implement and manage external identities (1 hour and 36 minutes).
    • Implement and manage Azure Active Directory Connect.
    • Implement and manage Azure AD Connect cloud Sync.
    • Implement and manage Password Hash Synchronization (PHS).
    • Implement and manage Pass-Through Authentication (PTA).
    • Implement and mange Seamless Single Sign-On (Seamless SSO).
    • Implement and manager Federation, excluding manual ADFS.
    • Implement and manage Azure AD Connect Health.
    • Troubleshoot synchronization errors.
  • Summary
  • Case Study
  • Quiz

 

 

Lesson 2: Implement an authentication and access management solution (5 hours and 12 minutes).

  • Skill 2.1: Plan, implement, and manage Azure Multifactor Authentication (MFA) and self-service password reset (1 hour and 12 minutes).
    • Plan Azure MFA deployment, excluding MFA Server.
    • Configure and deploy self-service password reset.
    • Implement and manage Azure MFA settings.
    • Manage MFA settings for users.
    • Extend Azure AD MFA to third-party and on-premises devices.
    • Monitor Azure AD MFA activity.
  • Skill 2.2: Plan, implement, and manage Azure AD user authentication (1 hour and 12 minutes).
    • Plan for authentication.
    • Implement and manage authentication methods.
    • Implement and manage Windows Hello for Business.
    • Implement and manage password protection and smart lockout.
    • Implement certificate-based authentication in Azure AD.
    • Configure Azure AD user authentication for Windows and Linux virtual machines on Azure.
  • Skill 2.3: Plan, implement, and manage Azure AD conditional access (1 hour and 36 minutes).
    • Plan conditional access policies.
    • Implement conditional access policy assignments.
    • Implement conditional access policy controls.
    • Test and troubleshoot conditional access policies.
    • Implement session management.
    • Implement device-enforcement restrictions.
    • Implement continuous access evaluation.
    • Create a conditional access policy from a template.
  • Skill 2.4: Manage Azure AD Identity Protection (1 hour).
    • Implement and manage a user risk policy.
    • Implement and manage sign-in risk policy.
    • Implement and manage MFA registration policy.
    • Monitor, investigate, and remediate elevated risky users.
    • Implement security for workload identities.
  • Skill 2.5: Implement access management Azure resources (1 hour and 12 minutes).
    • Assign Azure roles.
    • Configure custom Azure roles.
    • Create and configure managed identities.
    • Use managed identities to access Azure resources.
    • Analyze Azure role permissions.
    • Configure Azure Key Vault RBAC and policies.

 

  • Summary
  • Case Study
  • Quiz

 

Lesson 3: Implement Access Management for Apps (3 hours and 24 minutes).

  • Skill 3.1: Plan, implement, and monitor for the integration of Enterprise apps for SSO (1 hour and 48 minutes).
    • Discover apps by using Microsoft Defender for Cloud Apps or an ADFS application activity report.
    • Design and implement app management roles.
    • Understand and plan various built-in roles for application management.
    • Configure pre-integrated gallery SaaS apps for SSO and implement access management.
    • Integrate custom SaaS apps for SSO.
    • Implement Application User Provisioning.
    • Integrate on-premises apps by using the Azure AD Application Proxy.
    • Monitor and audit access/sign-ons to an Azure AD integrated Enterprise application.
    • Implement and configure consent settings.
  • Skill 3.2: Implement app registrations (36 minutes).
    • Plan your line-of-business application registration strategy.
    • Implement application registrations.
    • Configure application permissions and implement application authorization.
  • Skill 3.3: Manage and monitor application access by using Microsoft Defender for Cloud Apps (1 hour).
    • Implement application-enforced restrictions.
    • Configure connectors to apps.
    • Deploy Conditional Access App Control for apps using Azure Active Directory.
    • Create access and session policies in Microsoft Defender for Cloud Apps.
    • Implement and manage policies for OAuth apps.
  • Summary
  • Case Study
  • Quiz

Lesson 4: Plan and implement an Identity Governance strategy (6 hours).

  • Skill 4.1: Plan and implement entitlement management (1 hour and 48 minutes).
    • Plan entitlements.
    • Create and configure catalogs.
    • Create and configure access packages.
    • Manage access requests.
    • Implement and manage Terms of Use.
    • Manage the lifecycle of external users in Azure AD Identity Governance settings.
    • Configure and manage connected organizations.
    • Review per-user entitlement by using Azure AD entitlement management.
    • Configure separation of duties checks for an access package.
  • Skill 4.2: Plan, implement, and manage access reviews (1 hour and 36 minutes).
    • Plan for access reviews.
    • Create and configure access reviews for groups and apps.
    • Create and configure access reviews for access packages.
    • Create and configure access reviews for Azure AD and Azure resource roles.
    • Create and configure access review programs.
    • Monitor access review activity.
    • Manage licenses for access reviews.
    • Respond to access review activity, including automated and manual responses.
  • Skill 4.3: Plan and implement privileged access (1 hour).
    • Plan and manage Azure roles in Privileged Identity Management (PIM), including settings and assignments.
    • Plan and manage Azure resources in PIM, including settings and assignments.
    • Plan and configure privileged access groups.
    • Analyze PIM audit history and reports.
    • Create and manage break-glass accounts.
  • Skill 4.4: Monitor Azure AD (1 hour and 36 minutes).
    • Design a strategy for monitoring Azure AD.
    • Review and analyze sign-in, audit, and provisioning logs by using the Azure AD admin center.
    • Configure diagnostic settings, including Log Analytics, storage accounts, and Event Hub.
    • Export sign-in and audit logs to a third-party SIEM.
    • Monitor Azure AD by using Log Analytics, including KQL queries.
    • Analyze Azure AD by using workbooks and reporting in the Azure Active Directory admin center.
    • Configure notifications.
    • Monitor and improve the security posture by using the Identity Secure Score.
  • Summary
  • Case Study
  • Quiz

Leave Us A Message

    Please ensure all* required fields are completed, and we will get in touch with you shortly.



    The reCAPTCHA verification period has expired. Please reload the page.

    RU Academy

    Level 7, Oasis Wing, Brunfield Oasis Tower 3 No.2, Jalan PJU 1A/7A, Oasis Square, Oasis Damansara, Petaling Jaya 47301, Selangor

    Tel : + 603-7848-5937
    WhatsApp : +6018-2010943