SC-300 Course: Microsoft Identity and Access Administrator

We really hope you’ll agree, this training is way more then the average course on Udemy!

Have access to the following:

• Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
• Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
• Instructor led hands on and simulations to practice that can be followed even if you have little to no experience

TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:

Introduction

• Welcome to the course
• Understanding the Microsoft Environment
• A Solid Foundation of Active Directory Domains
• A Solid Foundation of RAS, DMZ, and Virtualization
• A Solid Foundation of the Microsoft Cloud Services
• Creating a free Microsoft 365 Azure AD Account
• IMPORTANT Using Assignments in the course

How to setup a Practice Lab

• Introduction to building a practice lab
• Downloading a Windows 10 ISO
• Downloading Windows Server 2019 ISO
• Getting Hyper-V Installed on Windows
• Creating a Virtual Switch in Hyper-V
• Installing a Windows 10 Virtual Machine
• Installing a Windows Server 2019 Virtual Machine
• Installing Active Directory on Windows Server 2019
• Joining a Windows 10 Computer to a Microsoft Domain

Configure and manage a Microsoft Entra tenant

• The First Concepts to know about Microsoft’s Cloud Services
• Basics of using the Azure AD Portal
• Azure and Microsoft 365 share the Azure AD Services
• Evaluate effective permissions for Microsoft Entra roles
• Configuring and managing Entra ID directory roles
• Configure and manage roles in Microsoft 365
• Custom Domains in Microsoft 365 / Azure AD
• Configuring and Managing Device Registration Options
• Understanding Administrative Units
• Configuring Delegation by using Administrative Units
• Configuring Tenant-Wide Settings

Managing Services using PowerShell

• Foundation of Administration with PowerShell
• Connecting PowerShell to Manage Cloud Services

Create, configure, and manage Microsoft Entra identities

• Understanding the Concepts of User Identities
• Creating, Configuring and giving a license to User Identities
• Management of User Creation in Bulk
• Understanding Creation and Management of Groups
• Groups management using the Microsoft 365 Admin Center
• Creating, Configuring, and Managing Groups in Azure AD
• Managing Licenses for User Identities in Azure AD

Implement and manage identities for external users and tenants

• Managing external collaboration settings in Azure Active Directory
• Inviting external users (individually or in bulk)
• Managing external user accounts in Azure Active Directory

Implement and manage hybrid identity

• Planning for Azure AD/Microsoft 365 Hybrid On-Premises Infrastructure
• Planning out the Identity and Authentication Solutions
• Configuring On-Premise Active Directory to Support Additional Domain Names
• Adding and Verifying Additional Domains Names in Microsoft 365/Azure
• Setting the Primary Domain Name
• Configuring User Identities for using a New Domain Name
• Evaluating Requirements & Solutions for Sync for PHS, PTA, & ADFS SAML Federation
• Evaluating the Requirements and Solutions for Hybrid Identity Management
• Evaluating the Requirements and Solutions for Authentication
• Migration of On-Prem Users and Groups
• Understanding SSO, PHS, PTA and ADFS Federations Concepts
• Using IDFIX to clean AD before syncing with Azure AD
• Implementing Directory Synchronization with Directory Services, Federation Services, and Azure AD
• Identifying Users and Parameters to be Migrated
• Confirming the Data to be Migrated and Method and the Sync Process
• Using Azure AD Connect Health and looking for synchronization errors

Plan, implement, and manage Microsoft Entra user authentication

• Administering Authentication Methods (FIDO2 / Passwordless)
• Implementing an Authentication Solution based on Windows Hello for Business
• Enabling the FIDO2 Based Security Method in Azure AD
• Understanding the concepts of Multifactor Authentications (MFA)
• Administering and Configuring Multifactor Authentication (MFA)
• Password protection within Azure AD, and Smart Lockout On-Premise ADDS
• Configuring and Deploying Self-Service Password Reset (SSPR)
• Implementing and Managing Tenant Restrictions

Plan, implement, and manage Microsoft Entra Conditional Access

• Understanding Security Defaults
• Using Conditional Access Policies
• Implementing Conditional Access Policy Controls and Assignments
• Implementing Application Controls within Conditional Access Policies
• Implementing Session Management within Conditional Access Policies
• Testing and Troubleshooting Conditional Access Policies

Manage risk by using Microsoft Entra ID Protection

• Understanding Azure AD Identity Protection with User & Sign-in Risk Policies
• Enabling & Monitoring Azure AD Identity Protection User & Sign-in Risk Policies

Implement access management for Azure resources by using Azure roles

• Create custom Azure roles, including both control plane & data plane permissions
• Assign built-in and custom Azure roles
• Evaluate effective permissions for a set of Azure roles
• Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines
• Configure Azure Key Vault role-based access control (RBAC) and access policies

Implement Global Secure Access

• Introduction to Global Secure Access
• Deploy Global Secure Access clients
• Deploy Private Access
• Deploy Internet Access
• Deploy Internet Access for Microsoft 365
• Download and install the Global Secure Access client software

Plan and implement identities for applications and Azure workloads

• Select appropriate identities for applications and Azure workloads
• Create managed identities
• Assign a managed identity to an Azure resource
• Use a managed identity assigned to an Azure resource to access other resources

Plan, implement, and monitor the integration of enterprise applications

• Plan and implement settings for enterprise applications, app & tenant level
• Assign appropriate Microsoft Entra roles to users to manage enterprise apps
• Design and implement integration for on-premises apps by using Entra App Proxy
• Design and implement integration for software as a service (SaaS) apps
• Assign, classify, and manage users, groups, and app roles for enterprise apps
• Configure and manage user and admin consent
• Create and manage application collections

Plan and implement app registrations

• Plan for app registrations
• Create app registrations
• Configure app authentication
• Configure API permissions
• Create app roles

Manage and monitor app access by using Microsoft Defender for Cloud Apps

• Understanding Microsoft Defender for Cloud Apps
• Configure and analyze cloud discovery results by using Defender for Cloud Apps
• Configure connected apps
• Implement application-enforced restrictions
• Conditional Access app control along with access and session policies
• Implement and manage policies including OAuth apps
• Manage the Cloud app catalog

Plan and implement entitlement management in Microsoft Entra

• Defining Catalogs for Entitlement Management
• Defining Access Packages
• Planning, Implementing and Managing Entitlements with Access Packages
• Exploring the user side of Entitlement within Azure AD
• Implementing and managing Terms of Use
• Managing the lifecycle of external users in Azure AD Identity Governance Settings

Plan, implement, and manage access reviews in Microsoft Entra

• Implementing and Configuring Access Reviews in Entra ID (formerly Azure AD)

Plan and implement privileged access

• Understanding Privileged Identity Management (PIM)
• Implementing & Configuring Privileged Identity Management (PIM)
• Analyzing PIM audit history reports
• Break-glass accounts
• Implementing and Configuring Access Reviews in Entra ID

Monitor identity activity by using logs, workbooks, and reports

• Analyzing and investigating sign-in logs to troubleshoot access issues
• Reviewing and monitoring Azure AD audit logs
• Understanding the concepts of Azure Sentinel
• Enabling Azure AD diagnostic logs with Log Analytics / Azure Sentinel
• Azure AD activity by using Log Analytics / Azure Sentinel, Workbooks, excluding KQL use
• Exporting sign-in and audit logs to a third-party SIEM
• Configuring notifications

Plan and implement Microsoft Entra Permissions Management

• Visualizing the need for Entra Permissions Management
• Onboard Entra Permissions Management licensing
• Onboard Azure subscriptions to Permissions Management
• Evaluate and remediate risks relating to Azure identities, resources, and tasks
• Evaluate and remediate risks relating to Azure highly privileged roles
• Evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure
• Configure activity alerts and triggers for Azure subscriptions