SC-300 Course: Microsoft Identity and Access Administrator
About Course
We really hope you’ll agree, this training is way more then the average course on Udemy!
Have access to the following:
- Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
- Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
- Instructor led hands on and simulations to practice that can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:
Introduction
- Welcome to the course
- Understanding the Microsoft Environment
- A Solid Foundation of Active Directory Domains
- A Solid Foundation of RAS, DMZ, and Virtualization
- A Solid Foundation of the Microsoft Cloud Services
- Creating a free Microsoft 365 Azure AD Account
- IMPORTANT Using Assignments in the course
How to setup a Practice Lab
- Introduction to building a practice lab
- Downloading a Windows 10 ISO
- Downloading Windows Server 2019 ISO
- Getting Hyper-V Installed on Windows
- Creating a Virtual Switch in Hyper-V
- Installing a Windows 10 Virtual Machine
- Installing a Windows Server 2019 Virtual Machine
- Installing Active Directory on Windows Server 2019
- Joining a Windows 10 Computer to a Microsoft Domain
Configure and manage a Microsoft Entra tenant
- The First Concepts to know about Microsoft’s Cloud Services
- Basics of using the Azure AD Portal
- Azure and Microsoft 365 share the Azure AD Services
- Evaluate effective permissions for Microsoft Entra roles
- Configuring and managing Entra ID directory roles
- Configure and manage roles in Microsoft 365
- Custom Domains in Microsoft 365 / Azure AD
- Configuring and Managing Device Registration Options
- Understanding Administrative Units
- Configuring Delegation by using Administrative Units
- Configuring Tenant-Wide Settings
Managing Services using PowerShell
- Foundation of Administration with PowerShell
- Connecting PowerShell to Manage Cloud Services
Create, configure, and manage Microsoft Entra identities
- Understanding the Concepts of User Identities
- Creating, Configuring and giving a license to User Identities
- Management of User Creation in Bulk
- Understanding Creation and Management of Groups
- Groups management using the Microsoft 365 Admin Center
- Creating, Configuring, and Managing Groups in Azure AD
- Managing Licenses for User Identities in Azure AD
Implement and manage identities for external users and tenants
- Managing external collaboration settings in Azure Active Directory
- Inviting external users (individually or in bulk)
- Managing external user accounts in Azure Active Directory
Implement and manage hybrid identity
- Planning for Azure AD/Microsoft 365 Hybrid On-Premises Infrastructure
- Planning out the Identity and Authentication Solutions
- Configuring On-Premise Active Directory to Support Additional Domain Names
- Adding and Verifying Additional Domains Names in Microsoft 365/Azure
- Setting the Primary Domain Name
- Configuring User Identities for using a New Domain Name
- Evaluating Requirements & Solutions for Sync for PHS, PTA, & ADFS SAML Federation
- Evaluating the Requirements and Solutions for Hybrid Identity Management
- Evaluating the Requirements and Solutions for Authentication
- Migration of On-Prem Users and Groups
- Understanding SSO, PHS, PTA and ADFS Federations Concepts
- Using IDFIX to clean AD before syncing with Azure AD
- Implementing Directory Synchronization with Directory Services, Federation Services, and Azure AD
- Identifying Users and Parameters to be Migrated
- Confirming the Data to be Migrated and Method and the Sync Process
- Using Azure AD Connect Health and looking for synchronization errors
Plan, implement, and manage Microsoft Entra user authentication
- Administering Authentication Methods (FIDO2 / Passwordless)
- Implementing an Authentication Solution based on Windows Hello for Business
- Enabling the FIDO2 Based Security Method in Azure AD
- Understanding the concepts of Multifactor Authentications (MFA)
- Administering and Configuring Multifactor Authentication (MFA)
- Password protection within Azure AD, and Smart Lockout On-Premise ADDS
- Configuring and Deploying Self-Service Password Reset (SSPR)
- Implementing and Managing Tenant Restrictions
Plan, implement, and manage Microsoft Entra Conditional Access
- Understanding Security Defaults
- Using Conditional Access Policies
- Implementing Conditional Access Policy Controls and Assignments
- Implementing Application Controls within Conditional Access Policies
- Implementing Session Management within Conditional Access Policies
- Testing and Troubleshooting Conditional Access Policies
Manage risk by using Microsoft Entra ID Protection
- Understanding Azure AD Identity Protection with User & Sign-in Risk Policies
- Enabling & Monitoring Azure AD Identity Protection User & Sign-in Risk Policies
Implement access management for Azure resources by using Azure roles
- Create custom Azure roles, including both control plane & data plane permissions
- Assign built-in and custom Azure roles
- Evaluate effective permissions for a set of Azure roles
- Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines
- Configure Azure Key Vault role-based access control (RBAC) and access policies
Implement Global Secure Access
- Introduction to Global Secure Access
- Deploy Global Secure Access clients
- Deploy Private Access
- Deploy Internet Access
- Deploy Internet Access for Microsoft 365
- Download and install the Global Secure Access client software
Plan and implement identities for applications and Azure workloads
- Select appropriate identities for applications and Azure workloads
- Create managed identities
- Assign a managed identity to an Azure resource
- Use a managed identity assigned to an Azure resource to access other resources
Plan, implement, and monitor the integration of enterprise applications
- Plan and implement settings for enterprise applications, app & tenant level
- Assign appropriate Microsoft Entra roles to users to manage enterprise apps
- Design and implement integration for on-premises apps by using Entra App Proxy
- Design and implement integration for software as a service (SaaS) apps
- Assign, classify, and manage users, groups, and app roles for enterprise apps
- Configure and manage user and admin consent
- Create and manage application collections
Plan and implement app registrations
- Plan for app registrations
- Create app registrations
- Configure app authentication
- Configure API permissions
- Create app roles
Manage and monitor app access by using Microsoft Defender for Cloud Apps
- Understanding Microsoft Defender for Cloud Apps
- Configure and analyze cloud discovery results by using Defender for Cloud Apps
- Configure connected apps
- Implement application-enforced restrictions
- Conditional Access app control along with access and session policies
- Implement and manage policies including OAuth apps
- Manage the Cloud app catalog
Plan and implement entitlement management in Microsoft Entra
- Defining Catalogs for Entitlement Management
- Defining Access Packages
- Planning, Implementing and Managing Entitlements with Access Packages
- Exploring the user side of Entitlement within Azure AD
- Implementing and managing Terms of Use
- Managing the lifecycle of external users in Azure AD Identity Governance Settings
Plan, implement, and manage access reviews in Microsoft Entra
- Implementing and Configuring Access Reviews in Entra ID (formerly Azure AD)
Plan and implement privileged access
- Understanding Privileged Identity Management (PIM)
- Implementing & Configuring Privileged Identity Management (PIM)
- Analyzing PIM audit history reports
- Break-glass accounts
- Implementing and Configuring Access Reviews in Entra ID
Monitor identity activity by using logs, workbooks, and reports
- Analyzing and investigating sign-in logs to troubleshoot access issues
- Reviewing and monitoring Azure AD audit logs
- Understanding the concepts of Azure Sentinel
- Enabling Azure AD diagnostic logs with Log Analytics / Azure Sentinel
- Azure AD activity by using Log Analytics / Azure Sentinel, Workbooks, excluding KQL use
- Exporting sign-in and audit logs to a third-party SIEM
- Configuring notifications
Plan and implement Microsoft Entra Permissions Management
- Visualizing the need for Entra Permissions Management
- Onboard Entra Permissions Management licensing
- Onboard Azure subscriptions to Permissions Management
- Evaluate and remediate risks relating to Azure identities, resources, and tasks
- Evaluate and remediate risks relating to Azure highly privileged roles
- Evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure
- Configure activity alerts and triggers for Azure subscriptions
Course Content
01 Introduction
-
-
06:05
-
01:51
-
12:11
-
13:09
-
17:14
-
01:40
-
03:29
-
04:48
-
04:45
-
04:45
-
04:45
-
07:58
-
02:51
-
02:51
-
01:29
-
00:33