SC-300 Course: Microsoft Identity and Access Administrator
What you'll learn
- Learn the concepts and perform hands on activities needed to pass the SC-300 exam
- Gain a tremendous amount of knowledge involving Microsoft 365 and Azure Services
- Get loads of hands on experience with Microsoft 365 and Azure AD
- Utilize hands on simulations that can be access anytime, anywhere!
Requirements
- Willingness to put in the time and practice the steps shown in the course
Description
We really hope you'll agree, this training is way more then the average course on Udemy!
Have access to the following:
Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
Instructor led hands on and simulations to practice that can be followed even if you have little to no experience
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:
Introduction
Welcome to the course
Understanding the Microsoft Environment
A Solid Foundation of Active Directory Domains
A Solid Foundation of RAS, DMZ, and Virtualization
A Solid Foundation of the Microsoft Cloud Services
Creating a free Microsoft 365 Azure AD Account
IMPORTANT Using Assignments in the course
How to setup a Practice Lab
Introduction to building a practice lab
Downloading a Windows 10 ISO
Downloading Windows Server 2019 ISO
Getting Hyper-V Installed on Windows
Creating a Virtual Switch in Hyper-V
Installing a Windows 10 Virtual Machine
Installing a Windows Server 2019 Virtual Machine
Installing Active Directory on Windows Server 2019
Joining a Windows 10 Computer to a Microsoft Domain
Configure and manage a Microsoft Entra tenant
The First Concepts to know about Microsoft's Cloud Services
Basics of using the Azure AD Portal
Azure and Microsoft 365 share the Azure AD Services
Evaluate effective permissions for Microsoft Entra roles
Configuring and managing Entra ID directory roles
Configure and manage roles in Microsoft 365
Custom Domains in Microsoft 365 / Azure AD
Configuring and Managing Device Registration Options
Understanding Administrative Units
Configuring Delegation by using Administrative Units
Configuring Tenant-Wide Settings
Managing Services using PowerShell
Foundation of Administration with PowerShell
Connecting PowerShell to Azure
Using PowerShell to manage Entra ID (formerly Azure AD)
Create, configure, and manage Microsoft Entra identities
Understanding the Concepts of User Identities
Creating, Configuring and giving a license to User Identities
Management of User Creation in Bulk
Understanding Creation and Management of Groups
Groups management using the Microsoft 365 Admin Center
Creating, Configuring, and Managing Groups in Azure AD
Managing Licenses for User Identities in Azure AD
Implement and manage identities for external users and tenants
Managing external collaboration settings in Azure Active Directory
Inviting external users (individually or in bulk)
Managing external user accounts in Azure Active Directory
Implement and manage hybrid identity
Planning for Azure AD/Microsoft 365 Hybrid On-Premises Infrastructure
Planning out the Identity and Authentication Solutions
Configuring On-Premise Active Directory to Support Additional Domain Names
Adding and Verifying Additional Domains Names in Microsoft 365/Azure
Setting the Primary Domain Name
Configuring User Identities for using a New Domain Name
Evaluating Requirements & Solutions for Sync for PHS, PTA, & ADFS SAML Federation
Evaluating the Requirements and Solutions for Hybrid Identity Management
Evaluating the Requirements and Solutions for Authentication
Migration of On-Prem Users and Groups
Understanding SSO, PHS, PTA and ADFS Federations Concepts
Using IDFIX to clean AD before syncing with Azure AD
Implementing Directory Synchronization with Directory Services, Federation Services, and Azure AD
Identifying Users and Parameters to be Migrated
Confirming the Data to be Migrated and Method and the Sync Process
Using Azure AD Connect Health and looking for synchronization errors
Plan, implement, and manage Microsoft Entra user authentication
Administering Authentication Methods (FIDO2 / Passwordless)
Implementing an Authentication Solution based on Windows Hello for Business
Enabling the FIDO2 Based Security Method in Azure AD
Understanding the concepts of Multifactor Authentications (MFA)
Administering and Configuring Multifactor Authentication (MFA)
Password protection within Azure AD, and Smart Lockout On-Premise ADDS
Configuring and Deploying Self-Service Password Reset (SSPR)
Implementing and Managing Tenant Restrictions
Plan, implement, and manage Microsoft Entra Conditional Access
Understanding Security Defaults
Using Conditional Access Policies
Implementing Conditional Access Policy Controls and Assignments
Implementing Application Controls within Conditional Access Policies
Implementing Session Management within Conditional Access Policies
Testing and Troubleshooting Conditional Access Policies
Manage risk by using Microsoft Entra ID Protection
Understanding Azure AD Identity Protection with User & Sign-in Risk Policies
Enabling & Monitoring Azure AD Identity Protection User & Sign-in Risk Policies
Implement access management for Azure resources by using Azure roles
Create custom Azure roles, including both control plane & data plane permissions
Assign built-in and custom Azure roles
Evaluate effective permissions for a set of Azure roles
Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines
Configure Azure Key Vault role-based access control (RBAC) and access policies
Implement Global Secure Access
Introduction to Global Secure Access
Deploy Global Secure Access clients
Deploy Private Access
Deploy Internet Access
Deploy Internet Access for Microsoft 365
Download and install the Global Secure Access client software
Plan and implement identities for applications and Azure workloads
Select appropriate identities for applications and Azure workloads
Create managed identities
Assign a managed identity to an Azure resource
Use a managed identity assigned to an Azure resource to access other resources
Plan, implement, and monitor the integration of enterprise applications
Plan and implement settings for enterprise applications, app & tenant level
Assign appropriate Microsoft Entra roles to users to manage enterprise apps
Design and implement integration for on-premises apps by using Entra App Proxy
Design and implement integration for software as a service (SaaS) apps
Assign, classify, and manage users, groups, and app roles for enterprise apps
Configure and manage user and admin consent
Create and manage application collections
Plan and implement app registrations
Plan for app registrations
Create app registrations
Configure app authentication
Configure API permissions
Create app roles
Manage and monitor app access by using Microsoft Defender for Cloud Apps
Understanding Microsoft Defender for Cloud Apps
Configure and analyze cloud discovery results by using Defender for Cloud Apps
Configure connected apps
Implement application-enforced restrictions
Conditional Access app control along with access and session policies
Implement and manage policies including OAuth apps
Manage the Cloud app catalog
Plan and implement entitlement management in Microsoft Entra
Defining Catalogs for Entitlement Management
Defining Access Packages
Planning, Implementing and Managing Entitlements with Access Packages
Exploring the user side of Entitlement within Azure AD
Implementing and managing Terms of Use
Managing the lifecycle of external users in Azure AD Identity Governance Settings
Plan, implement, and manage access reviews in Microsoft Entra
Implementing and Configuring Access Reviews in Entra ID (formerly Azure AD)
Plan and implement privileged access
Understanding Privileged Identity Management (PIM)
Implementing & Configuring Privileged Identity Management (PIM)
Analyzing PIM audit history reports
Break-glass accounts
Implementing and Configuring Access Reviews in Entra ID
Monitor identity activity by using logs, workbooks, and reports
Analyzing and investigating sign-in logs to troubleshoot access issues
Reviewing and monitoring Azure AD audit logs
Understanding the concepts of Azure Sentinel
Enabling Azure AD diagnostic logs with Log Analytics / Azure Sentinel
Azure AD activity by using Log Analytics / Azure Sentinel, Workbooks, excluding KQL use
Exporting sign-in and audit logs to a third-party SIEM
Configuring notifications
Plan and implement Microsoft Entra Permissions Management
Visualizing the need for Entra Permissions Management
Onboard Entra Permissions Management licensing
Onboard Azure subscriptions to Permissions Management
Evaluate and remediate risks relating to Azure identities, resources, and tasks
Evaluate and remediate risks relating to Azure highly privileged roles
Evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure
Configure activity alerts and triggers for Azure subscriptions
Who this course is for:
- IT people interested in learning and passing the Microsoft SC-300 Exam
- People interested in learning a tremendous amount about Microsoft 365 and Azure Service
Instructor
John Christopher is a Technical Instructor that has been in the business for 25 years. His first experience with information technology occurred in the early 90s when he ran an MS-DOS based BBS(Bulletin Board System) as a System Operator. In the late 90s, after working with Windows NT 3.50 performing backups for Regal Group, he decided to get Windows NT Microsoft Certified.
In 1998 he got his first Microsoft Certified Systems Engineer and Microsoft Certified Trainer certification. Shortly after getting certified, he began working as a Junior Administrator and Instructor for Knowledge Alliance. From there John was able to become one of the first people in the world to gain an MCSE for the Windows 2000 operating system and he began teaching full time for a company called Productivity Point International. At Productivity Point, John got Citrix Metaframe certified and began teaching Citrix along with Microsoft classes. Productivity Point began experiencing financial troubles and John moved on to work with another training company in 2001
For many years at the training company in Atlanta John was the network administrator and held the title of Senior Technical Instructor for the company. John designed and administered their network from the ground up, going from a single floor in a single building, to multiple floors in multiple buildings and locations. He furthered his certifications, gaining the MCSE for 2003, 2008(MCITP), 2012, A+, Network+, Security+, Exchange, and CCNA. Along with his Network admin duties, John taught hundreds of students during his 11 years for the company. During all his years of training, John has had the honor of doing lots of classes with the military, along with quite a few classes within on-site military bases. In 2012, he decided to break away from the company he had been working for and do consulting and contract teaching. Currently, John gets hired by many different training companies to teach technical training classes all over the United States. He is also hired as a consultant to go into companies and work on their networks and implement, along with troubleshoot real world scenarios.