SC-300 Course: Microsoft Identity and Access Administrator

• Learn the concepts and perform hands on activities needed to pass the SC-300 exam
• Gain a tremendous amount of knowledge involving Microsoft 365 and Azure Services
• Get loads of hands on experience with Microsoft 365 and Azure AD
• Utilize hands on simulations that can be access anytime, anywhere!

We really hope you'll agree, this training is way more then the average course on Udemy!

Have access to the following:

• Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer

• Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material

• Instructor led hands on and simulations to practice that can be followed even if you have little to no experience

TOPICS COVEREDINCLUDINGHANDSONLECTUREANDPRACTICETUTORIALS:

Introduction

• Welcome to the course

• Understanding the Microsoft Environment

• A Solid Foundation of Active Directory Domains

• A Solid Foundation of RAS, DMZ, and Virtualization

• A Solid Foundation of the Microsoft Cloud Services

• Creating a free Microsoft 365 Azure AD Account

• IMPORTANT Using Assignments in the course

How to setup a Practice Lab

• Introduction to building a practice lab

• Downloading a Windows 10 ISO

• Downloading Windows Server 2019 ISO

• Getting Hyper-V Installed on Windows

• Creating a Virtual Switch in Hyper-V

• Installing a Windows 10 Virtual Machine

• Installing a Windows Server 2019 Virtual Machine

• Installing Active Directory on Windows Server 2019

• Joining a Windows 10 Computer to a Microsoft Domain

Configure and manage a Microsoft Entra tenant

• The First Concepts to know about Microsoft's Cloud Services

• Basics of using the Azure AD Portal

• Azure and Microsoft 365 share the Azure AD Services

• Evaluate effective permissions for Microsoft Entra roles

• Configuring and managing Entra IDdirectory roles

• Configure and manage roles in Microsoft 365

• Custom Domains in Microsoft 365 / Azure AD

• Configuring and Managing Device Registration Options

• Understanding Administrative Units

• Configuring Delegation by using Administrative Units

• Configuring Tenant-Wide Settings

Managing Services using PowerShell

• Foundation of Administration with PowerShell

• Connecting PowerShell to Azure

• Using PowerShell to manage Entra ID (formerly Azure AD)

Create, configure, and manage Microsoft Entra identities

• Understanding the Concepts of User Identities

• Creating, Configuring and giving a license to User Identities

• Management of User Creation in Bulk

• Understanding Creation and Management of Groups

• Groups management using the Microsoft 365 Admin Center

• Creating, Configuring, and Managing Groups in Azure AD

• Managing Licenses for User Identities in Azure AD

Implement and manage identities for external users and tenants

• Managing external collaboration settings in Azure Active Directory

• Inviting external users (individually or in bulk)

• Managing external user accounts in Azure Active Directory

Implement and manage hybrid identity

• Planning for Azure AD/Microsoft 365 Hybrid On-Premises Infrastructure

• Planning out the Identity and Authentication Solutions

• Configuring On-Premise Active Directory to Support Additional Domain Names

• Adding and Verifying Additional Domains Names in Microsoft 365/Azure

• Setting the Primary Domain Name

• Configuring User Identities for using a New Domain Name

• Evaluating Requirements & Solutions for Sync for PHS, PTA, & ADFS SAML Federation

• Evaluating the Requirements and Solutions for Hybrid Identity Management

• Evaluating the Requirements and Solutions for Authentication

• Migration of On-Prem Users and Groups

• Understanding SSO, PHS, PTA and ADFS Federations Concepts

• Using IDFIX to clean AD before syncing with Azure AD

• Implementing Directory Synchronization with Directory Services, Federation Services, and Azure AD

• Identifying Users and Parameters to be Migrated

• Confirming the Data to be Migrated and Method and the Sync Process

• Using Azure AD Connect Health and looking for synchronization errors

Plan, implement, and manage Microsoft Entra user authentication

• Administering Authentication Methods (FIDO2 / Passwordless)

• Implementing an Authentication Solution based on Windows Hello for Business

• Enabling the FIDO2 Based Security Method in Azure AD

• Understanding the concepts of Multifactor Authentications (MFA)

• Administering and Configuring Multifactor Authentication (MFA)

• Password protection within Azure AD, and Smart Lockout On-Premise ADDS

• Configuring and Deploying Self-Service Password Reset (SSPR)

• Implementing and Managing Tenant Restrictions

Plan, implement, and manage Microsoft Entra Conditional Access

• Understanding Security Defaults

• Using Conditional Access Policies

• Implementing Conditional Access Policy Controls and Assignments

• Implementing Application Controls within Conditional Access Policies

• Implementing Session Management within Conditional Access Policies

• Testing and Troubleshooting Conditional Access Policies

Manage risk by using Microsoft Entra ID Protection

• Understanding Azure AD Identity Protection with User & Sign-in Risk Policies

• Enabling & Monitoring Azure AD Identity Protection User & Sign-in Risk Policies

Implement access management for Azure resources by using Azure roles

• Create custom Azure roles, including both control plane & data plane permissions

• Assign built-in and custom Azure roles

• Evaluate effective permissions for a set of Azure roles

• Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines

• Configure Azure Key Vault role-based access control (RBAC) and access policies

Implement Global Secure Access

• Introduction to Global Secure Access

• Deploy Global Secure Access clients

• Deploy Private Access

• Deploy Internet Access

• Deploy Internet Access for Microsoft 365

• Download and install the Global Secure Access client software

Plan and implement identities for applications and Azure workloads

• Select appropriate identities for applications and Azure workloads

• Create managed identities

• Assign a managed identity to an Azure resource

• Use a managed identity assigned to an Azure resource to access other resources

Plan, implement, and monitor the integration of enterprise applications

• Plan and implement settings for enterprise applications, app & tenant level

• Assign appropriate Microsoft Entra roles to users to manage enterprise apps

• Design and implement integration for on-premises apps by using Entra App Proxy

• Design and implement integration for software as a service (SaaS) apps

• Assign, classify, and manage users, groups, and app roles for enterprise apps

• Configure and manage user and admin consent

• Create and manage application collections

Plan and implement app registrations

• Plan for app registrations

• Create app registrations

• Configure app authentication

• Configure API permissions

• Create app roles

Manage and monitor app access by using Microsoft Defender for Cloud Apps

• Understanding Microsoft Defender for Cloud Apps

• Configure and analyze cloud discovery results by using Defender for Cloud Apps

• Configure connected apps

• Implement application-enforced restrictions

• Conditional Access app control along with access and session policies

• Implement and manage policies including OAuth apps

• Manage the Cloud app catalog

Plan and implement entitlement management in Microsoft Entra

• Defining Catalogs for Entitlement Management

• Defining Access Packages

• Planning, Implementing and Managing Entitlements with Access Packages

• Exploring the user side of Entitlement within Azure AD

• Implementing and managing Terms of Use

• Managing the lifecycle of external users in Azure AD Identity Governance Settings

Plan, implement, and manage access reviews in Microsoft Entra

• Implementing and Configuring Access Reviews in Entra ID (formerly Azure AD)

Plan and implement privileged access

• Understanding Privileged Identity Management (PIM)

• Implementing & Configuring Privileged Identity Management (PIM)

• Analyzing PIM audit history reports

• Break-glass accounts

• Implementing and Configuring Access Reviews in Entra ID

Monitor identity activity by using logs, workbooks, and reports

• Analyzing and investigating sign-in logs to troubleshoot access issues

• Reviewing and monitoring Azure AD audit logs

• Understanding the concepts of Azure Sentinel

• Enabling Azure AD diagnostic logs with Log Analytics / Azure Sentinel

• Azure AD activity by using Log Analytics / Azure Sentinel, Workbooks, excluding KQL use

• Exporting sign-in and audit logs to a third-party SIEM

• Configuring notifications

Plan and implement Microsoft Entra Permissions Management

• Visualizing the need for Entra Permissions Management

• Onboard Entra Permissions Management licensing

• Onboard Azure subscriptions to Permissions Management

• Evaluate and remediate risks relating to Azure identities, resources, and tasks

• Evaluate and remediate risks relating to Azure highly privileged roles

• Evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure

• Configure activity alerts and triggers for Azure subscriptions