
Engage in hands-on, simulation-based training for the Microsoft identity and access administrator certification. Practice Azure AD, Microsoft 365, MFA, and conditional access in browser simulations 24/7, aligned to exam objectives.
Develop a solid foundation by exploring on-premises Active Directory and domain services, then clarify Microsoft 365, Azure, and cloud models (IaaS, PaaS, SaaS) for identity and access.
Explore the evolution of Microsoft domains from on-premise networks to Active Directory domains, covering domain controllers, DNS, Kerberos, LDAP, GPO, replication, and the shift toward cloud, Raas, VPNs, and virtualization.
Explore how remote access using a vpn and ras secures offsite users, the role of dmz and perimeter networks, and the impact of virtualization with hyper-v and elasticity.
Trace the cloud services evolution from IaaS to SaaS with Azure and Microsoft 365, and master cloud identity with Azure AD Connect, interconnect, and single sign-on.
Microsoft renames services and portals, such as Azure Active Directory to IntraID, and portal links like portal.microsoft.com to admin.microsoft.com, security.microsoft.com to defender.microsoft.com, endpoint.microsoft.com to Intune.microsoft.com; use portals.examlabpractice.com for latest access.
Set up a lab with Microsoft 365 and Azure, pursue a free Office 365 trial to access Microsoft 365 E5, and learn activation steps and Teams options.
Create a free Microsoft 365 trial by signing up with a new email and verifying via phone. Navigate licensing, portal changes, and cancellation after 30 days.
John Christopher invites questions from thousands and shows how to search Docs.microsoft.com for official Microsoft 365 guidance, exam lab practice, and assignments.
discover why the SC-300 course presents concepts in a learning-friendly order, clarifying that test objectives aren’t sequential and how foundational concepts precede advanced ones for clarity.
Navigate to exam lab practice.com/i download to access the Microsoft Windows Server 2022 ISO. Save the ISO to your desktop by right-clicking the link and choosing save link as.
Create an external virtual switch in Hyper-V to give a guest VM internet access by selecting a network adapter and confirming the switch.
Create and configure a Windows Server 2022 virtual machine with Hyper-V, including generation two, 4 GB RAM, a 127 GB dynamic disk, and ISO-based installation.
Download the Windows 11 iso to set up a virtual machine by navigating to the iso download page, selecting English United States 64-bit, and clicking download.
Set up a Windows 11 VM in Hyper-V, choosing generation two, 4 GB RAM, TPM, and at least two processors; attach the ISO and complete domain join and renaming.
Set up a Microsoft Active Directory domain on Windows Server 2022 by installing AD DS, promoting a domain controller for a new forest, and configuring DNS.
join Windows 11 to a domain by configuring the DNS server to the domain controller's IP, renaming the computer, and signing in with the administrator to access domain resources.
Explore Azure RBAC and Entra ID roles across Azure resources and Microsoft 365, applying least privilege with scope levels from management group to resource, using owner, contributor, and reader examples.
Understand administrative units in Microsoft Entra ID as departmental silos that enable delegated admin control. Learn when to use static versus dynamic membership and the licensing requirements.
Create and manage administrative units in Azure AD and Entra, apply restricted management, and use dynamic membership with unit-scoped roles for targeted users.
Evaluate the effective permissions of Microsoft Entra roles by reviewing a role's description and permission list, and consulting official articles on admin.microsoft.com and the Azure portal.
Register and verify a custom domain in Microsoft Entra ID and Microsoft 365, using text records in GoDaddy DNS, then link the domain to Exchange Online and other services.
Configure company branding to personalize Azure and Microsoft 365 experiences, including background images, favicon, headers, footers, and sign-in text. Save and review changes in portal.azure.com to tailor visuals.
Configure tenant properties, user settings, group settings, and device settings in Microsoft Entra to manage access across Azure and Microsoft 365, including security defaults, MFA, and device controls.
Before your first assignment, don't skip this video; learn how to fix check-off issues, refresh the browser, and complete the course with a certificate, with Udemy support if needed.
Learn how to redo simulations after completing an assignment by navigating to summary, returning to the assignment, and opening the instructions to access the simulation link anytime.
Create, configure, and manage users across Microsoft Entra ID, Azure portal, and Microsoft 365 admin centers by setting user principal names, licenses, groups, and roles.
Explore the four Azure and Microsoft 365 group types—Microsoft 365 groups, distribution groups, mail-enabled security groups, and security groups—highlighting their access, email, and dynamic versus assigned membership.
Create and manage Microsoft 365 groups in the admin center, including choosing group types (Microsoft 365, distribution, security, mail-enabled), setting owners, adding members, and configuring privacy, email, and shared workspace.
Learn to create and manage Azure AD groups in the Azure portal, including Microsoft 365 and security groups, with dynamic and manual membership rules using expressions.
Automate user creation in bulk with the Microsoft Entra portal by downloading a CSV template from portal.azure.com, populating tenant and domain details, and importing for bulk enrollment.
Differentiate Entra ID registered devices (BYOD) from joined and hybrid joined devices, and show how Intune enables single sign-on, conditional access, and app protection for company resources.
Join a Windows 11 device to Microsoft Entra ID during the out-of-box experience by signing in with an organization account and verifying the device shows as Entra joined in portal.azure.com.
Learn how to register a personal device with Microsoft Entra ID, distinguish between registered and joined devices, apply company policies, and view device status in the Azure portal.
Learn to manage and monitor Microsoft 365 licenses, assign to individuals or groups, explore marketplace options, compare plans, and view usage reports for active users.
Explore foundation concepts of PowerShell for administration, including verb-noun syntax, cmdlets like get service, parameters, piping, intellisense, remote sessions, and basic scripting.
Install the Microsoft Graph PowerShell module from the PowerShell Gallery, set bypass execution policy, and connect to Graph with scopes for users and groups.
Learn to manage users and groups with PowerShell using Graph and Microsoft Entra, including viewing, creating, bulk enrolling from csv, and assigning licenses.
Configure external collaboration in Microsoft Entra ID to manage guest access, invite permissions, guest self-service sign up, and domain restrictions for secure cross-tenant collaboration.
Invite external users to authenticate in your Microsoft environment by sending individual or bulk invitations via portal.azure.com, configuring redirect URLs, guest roles, and CSV-based bulk import.
Manage external users in Microsoft Entra ID as regular users, filter by invitation state, edit properties, deactivate or delete accounts, and assign licenses through the Microsoft 365 admin center.
Enable cross tenant synchronization to share user accounts across partner or acquired tenants, automating identity lifecycle with Microsoft Entra and choosing manual or automatic provisioning.
Configure external identity providers in Azure Entra by adding custom providers that support OpenID Connect, SAML, or WS-Fed, linking third-party or non-Microsoft identities and importing metadata to enable authentication.
Compare intra connect sync and intra cloud sync for linking on-premises Active Directory with Entra ID, detailing authentication options, writebacks, high availability, and deployment footprint to choose the right approach.
Evaluate intra connect sync and intra cloud sync as hybrid solutions for Azure and Microsoft 365, detailing password hash synchronization, PTA, and ADFS or Ping Federate, plus write-back and redundancy.
Prepare on-premises Active Directory for cloud synchronization by using the IdFix tool to identify and fix spaces in user principal names before connecting to Microsoft inter ID.
Configure Microsoft Entra Connect Sync with password hash synchronization and seamless single sign-on. Select an organizational unit to sync, create sample on premises users, and customize synchronization settings.
Configure a quick Azure domain with a Windows Server domain controller, install AD DS, and set up Microsoft Entra Cloud Sync with password hash sync to synchronize a test user.
Learn how to monitor and troubleshoot Microsoft Entra Connect Health for Interconnect Sync, view health analytics, install health agents on domain controllers and federated servers, and review sync errors.
Learn how Microsoft Entra ID authenticates users for Azure and Microsoft 365 using primary and secondary methods, including passwordless options like Windows Hello, FIDO2, and Microsoft Authenticator app for MFA.
Explore the core concepts of multi-factor authentication (MFA), its factors, and how risk-based adaptive MFA with conditional access protects Entra ID and Microsoft 365 from phishing and credential stuffing.
Learn to implement and manage tenant-wide multi-factor authentication in Microsoft 365 and Azure by configuring security defaults, authentication methods, and conditional access policies to enforce MFA for users.
Enable self-service password reset (SSPR) for all users and configure authentication methods, including MFA and password write back for synced hybrid environments.
Configure Microsoft Entra password protection, including lockout thresholds, banned passwords, and expiration, for cloud identities. Understand how on-premises policies interact with synchronized accounts.
Explore Microsoft azure conditional access, using signals from identities, devices, apps, and data under a zero-trust model, to enforce access decisions such as block, MFA, or device compliance.
Create conditional access policies in the azure portal linked to Azure AD, assign to users or groups, target cloud apps and devices, and set risk- and MFA-based conditions.
Learn to test and troubleshoot conditional access policies in Azure or Microsoft Entra portals by creating a test policy and using the what-if tool to simulate blocks and logon issues.
Create a conditional access policy from a Microsoft template, choose templates like block legacy authentication, enable report-only mode, and review sign-in reports to monitor risk.
Explore how Microsoft Entra Identity Protection detects, investigates, and remediates identity-based risks. Focus on risky users and sign-ins, auto remediation, MFA, and SIEM integration with Azure Monitor and Sentinel.
Explore configuring intra-identity protection with risk-based conditional access, focusing on user and sign-in risk levels (low, medium, high) and enforcing MFA for medium and high risk.
Create custom azure roles using the IAM blade, distinguishing the control plane and data plane, and assign read, write, and delete permissions to resources in a resource group.
Assign built-in and custom Azure roles to users or service principals via the Azure portal's access control IAM blade, review permissions, and complete the role assignment in a resource group.
Explore how to view effective permissions in Azure via access control (IAM), check access for users, review role assignments and deny assignments, and navigate resource groups and resources.
Learn how to assign Azure roles to enable Microsoft Entra ID login to an Azure virtual machine, using the virtual machine administrator login or virtual machine user login roles.
We really hope you'll agree, this training is way more then the average course on Udemy!
Have access to the following:
Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
Instructor led hands on and simulations to practice that can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:
Introduction
Welcome to the course
Understanding the Microsoft Environment
A Solid Foundation of Active Directory Domains
A Solid Foundation of RAS, DMZ, and Virtualization
A Solid Foundation of the Microsoft Cloud Services
Creating a free Microsoft 365 Azure AD Account
IMPORTANT Using Assignments in the course
How to setup a Practice Lab
Introduction to building a practice lab
Downloading a Windows 10 ISO
Downloading Windows Server 2019 ISO
Getting Hyper-V Installed on Windows
Creating a Virtual Switch in Hyper-V
Installing a Windows 10 Virtual Machine
Installing a Windows Server 2019 Virtual Machine
Installing Active Directory on Windows Server 2019
Joining a Windows 10 Computer to a Microsoft Domain
Configure and manage a Microsoft Entra tenant
The First Concepts to know about Microsoft's Cloud Services
Basics of using the Azure AD Portal
Azure and Microsoft 365 share the Azure AD Services
Evaluate effective permissions for Microsoft Entra roles
Configuring and managing Entra ID directory roles
Configure and manage roles in Microsoft 365
Custom Domains in Microsoft 365 / Azure AD
Configuring and Managing Device Registration Options
Understanding Administrative Units
Configuring Delegation by using Administrative Units
Configuring Tenant-Wide Settings
Managing Services using PowerShell
Foundation of Administration with PowerShell
Connecting PowerShell to Azure
Using PowerShell to manage Entra ID (formerly Azure AD)
Create, configure, and manage Microsoft Entra identities
Understanding the Concepts of User Identities
Creating, Configuring and giving a license to User Identities
Management of User Creation in Bulk
Understanding Creation and Management of Groups
Groups management using the Microsoft 365 Admin Center
Creating, Configuring, and Managing Groups in Azure AD
Managing Licenses for User Identities in Azure AD
Implement and manage identities for external users and tenants
Managing external collaboration settings in Azure Active Directory
Inviting external users (individually or in bulk)
Managing external user accounts in Azure Active Directory
Implement and manage hybrid identity
Planning for Azure AD/Microsoft 365 Hybrid On-Premises Infrastructure
Planning out the Identity and Authentication Solutions
Configuring On-Premise Active Directory to Support Additional Domain Names
Adding and Verifying Additional Domains Names in Microsoft 365/Azure
Setting the Primary Domain Name
Configuring User Identities for using a New Domain Name
Evaluating Requirements & Solutions for Sync for PHS, PTA, & ADFS SAML Federation
Evaluating the Requirements and Solutions for Hybrid Identity Management
Evaluating the Requirements and Solutions for Authentication
Migration of On-Prem Users and Groups
Understanding SSO, PHS, PTA and ADFS Federations Concepts
Using IDFIX to clean AD before syncing with Azure AD
Implementing Directory Synchronization with Directory Services, Federation Services, and Azure AD
Identifying Users and Parameters to be Migrated
Confirming the Data to be Migrated and Method and the Sync Process
Using Azure AD Connect Health and looking for synchronization errors
Plan, implement, and manage Microsoft Entra user authentication
Administering Authentication Methods (FIDO2 / Passwordless)
Implementing an Authentication Solution based on Windows Hello for Business
Enabling the FIDO2 Based Security Method in Azure AD
Understanding the concepts of Multifactor Authentications (MFA)
Administering and Configuring Multifactor Authentication (MFA)
Password protection within Azure AD, and Smart Lockout On-Premise ADDS
Configuring and Deploying Self-Service Password Reset (SSPR)
Implementing and Managing Tenant Restrictions
Plan, implement, and manage Microsoft Entra Conditional Access
Understanding Security Defaults
Using Conditional Access Policies
Implementing Conditional Access Policy Controls and Assignments
Implementing Application Controls within Conditional Access Policies
Implementing Session Management within Conditional Access Policies
Testing and Troubleshooting Conditional Access Policies
Manage risk by using Microsoft Entra ID Protection
Understanding Azure AD Identity Protection with User & Sign-in Risk Policies
Enabling & Monitoring Azure AD Identity Protection User & Sign-in Risk Policies
Implement access management for Azure resources by using Azure roles
Create custom Azure roles, including both control plane & data plane permissions
Assign built-in and custom Azure roles
Evaluate effective permissions for a set of Azure roles
Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines
Configure Azure Key Vault role-based access control (RBAC) and access policies
Implement Global Secure Access
Introduction to Global Secure Access
Deploy Global Secure Access clients
Deploy Private Access
Deploy Internet Access
Deploy Internet Access for Microsoft 365
Download and install the Global Secure Access client software
Plan and implement identities for applications and Azure workloads
Select appropriate identities for applications and Azure workloads
Create managed identities
Assign a managed identity to an Azure resource
Use a managed identity assigned to an Azure resource to access other resources
Plan, implement, and monitor the integration of enterprise applications
Plan and implement settings for enterprise applications, app & tenant level
Assign appropriate Microsoft Entra roles to users to manage enterprise apps
Design and implement integration for on-premises apps by using Entra App Proxy
Design and implement integration for software as a service (SaaS) apps
Assign, classify, and manage users, groups, and app roles for enterprise apps
Configure and manage user and admin consent
Create and manage application collections
Plan and implement app registrations
Plan for app registrations
Create app registrations
Configure app authentication
Configure API permissions
Create app roles
Manage and monitor app access by using Microsoft Defender for Cloud Apps
Understanding Microsoft Defender for Cloud Apps
Configure and analyze cloud discovery results by using Defender for Cloud Apps
Configure connected apps
Implement application-enforced restrictions
Conditional Access app control along with access and session policies
Implement and manage policies including OAuth apps
Manage the Cloud app catalog
Plan and implement entitlement management in Microsoft Entra
Defining Catalogs for Entitlement Management
Defining Access Packages
Planning, Implementing and Managing Entitlements with Access Packages
Exploring the user side of Entitlement within Azure AD
Implementing and managing Terms of Use
Managing the lifecycle of external users in Azure AD Identity Governance Settings
Plan, implement, and manage access reviews in Microsoft Entra
Implementing and Configuring Access Reviews in Entra ID (formerly Azure AD)
Plan and implement privileged access
Understanding Privileged Identity Management (PIM)
Implementing & Configuring Privileged Identity Management (PIM)
Analyzing PIM audit history reports
Break-glass accounts
Implementing and Configuring Access Reviews in Entra ID
Monitor identity activity by using logs, workbooks, and reports
Review & analyze sign-in, audit, & provisioning logs in the Entra admin center
Configure diagnostic settings, with Log Analytics, storage accounts, & event hub
What is Kusto Query Language (KQL)?
Accessing Microsoft's Demo environment for learning KQL
Basic KQL syntax
KQL filtering with time ranges
How to display columns, amounts and characters with KQL
Using variables and combining output data with KQL
Monitor Microsoft Entra ID by using KQL queries in Log Analytics
Analyze Microsoft Entra ID by using workbooks and reporting
Monitor and improve the security posture by using Identity Secure Score