MS-SC-300T00 - Microsoft Identity and Access Administrator

This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies. This course includes identity content for Azure AD, enterprise application registration, conditional access, identity governance, and other identity tools.

Student Testimonials

Instructor did a great job, from experience this subject can be a bit dry to teach but he was able to keep it very engaging and made it much easier to focus. Student
Excellent presentation skills, subject matter knowledge, and command of the environment. Student
Instructor was outstanding. Knowledgeable, presented well, and class timing was perfect. Student

Click here to print this page »


Successful learners will have prior knowledge and understanding of:
Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.
Be familiar with identity concepts such as authentication, authorization, and active directory.
Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.

Detailed Class Syllabus

Learning Path 1: Implement an identity management solution

Learn to create and manage your initial Azure Entra ID (formerly known Azure AD) implementation and configure the users, groups, and external identities you will use to run your solution.
Implement Initial configuration of Azure Entra ID
Create, configure, and manage identities
Implement and manage external identities
Implement and manage hybrid identity
Manage user roles
Setting tenant-wide properties
Assign licenses to users
Restore or remove deleted users
Add groups in Azure Entra ID
Change group license assignments
Change user license assignments
Configure external collaboration
Add guest users to the directory
Explore dynamic groups
After completing this Learning Path, students will be able to:
Deploy an initial Azure Entra ID with custom settings
Manage both internal and external identities
Implement a hybrid identity solution

Learning Path 2: Implement an authentication and access management solution

Implement and administer your access management using Azure Entra ID. Use MFA, conditional access, and identity protection to manager your identity solution.
Secure Azure Entra user with MFA
Manage user authentication
Plan, implement, and administer conditional access
Manage Azure Entra identity protection
Implement access management for Azure resources
Enable Azure Entra MFA
Configure and deploy self-service password reset (SSPR)
Work with security defaults
Implement conditional access policies, roles, and assignments
Configure authentication session controls
Manage Azure Entra smart lockout values
Enable sign-in risk policy
Configure Azure Entral MFA authentication registration policy
After completing this Learning Path, students will be able to:
Configure and manage user authentication including MFA
Control access to resources using conditional access
Use Azure Entra Identity Protection to protect your organization

Learning Path 3: Implement access management for Apps

Explore how applications can and should be added to your identity and access solution with application registration in Azure Entra.
Plan and design the integration of enterprise for SSO
Implement and monitor the integration of enterprise apps for SSO
Implement app registration
Implement access management for apps
Create a custom role to management app registration
Register an application
Grant tenant-wide admin consent to an application
Add app roles to applications and receive tokens
After completing this Learning Path, students will be able to:
Register a new application to your Azure Entra
Plan and implement SSO for enterprise application
Monitor and maintain enterprise applications

Learning Path 4: Plan and implement an identity governance strategy

Design and implement identity governance for your identity solution using entitlement, access reviews, privileged access, and monitoring your Azure Entra
Plan and implement entitlement management
Plan, implement, and manage access reviews
Plan and implement privileged access
Monitor and maintain Entra ID
Create and manage a resource catalog with Azure Entra entitlement
Add terms of use acceptance report
Manage the lifecycle of external users with Azure Entra identity governance
Create access reviews for groups and apps
Configure PIM for Azure Entra roles
Assign Azure Entra role in PIM
Assign Azure resource roles in PIM
Connect data from Azure Entra to Azure Sentinel
After completing this Learning Path, students will be able to:
Mange and maintain Azure Entra from creation to solution
Use access reviews to maintain your Azure Entra
Grant access to users with entitlement management