SC-300 Course: Microsoft Identity and Access Administrator

We really hope you'll agree, this training is way more then the average course on Udemy!

Have access to the following:

• Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer

• Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material

• Instructor led hands on and simulations to practice that can be followed even if you have little to no experience

TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:

Introduction

• Welcome to the course

• Understanding the Microsoft Environment

• A Solid Foundation of Active Directory Domains

• A Solid Foundation of RAS, DMZ, and Virtualization

• A Solid Foundation of the Microsoft Cloud Services

• Creating a free Microsoft 365 Azure AD Account

• IMPORTANT Using Assignments in the course

How to setup a Practice Lab

• Introduction to building a practice lab

• Downloading a Windows 10 ISO

• Downloading Windows Server 2019 ISO

• Getting Hyper-V Installed on Windows

• Creating a Virtual Switch in Hyper-V

• Installing a Windows 10 Virtual Machine

• Installing a Windows Server 2019 Virtual Machine

• Installing Active Directory on Windows Server 2019

• Joining a Windows 10 Computer to a Microsoft Domain

Configure and manage a Microsoft Entra tenant

• The First Concepts to know about Microsoft's Cloud Services

• Basics of using the Azure AD Portal

• Azure and Microsoft 365 share the Azure AD Services

• Evaluate effective permissions for Microsoft Entra roles

• Configuring and managing Entra ID directory roles

• Configure and manage roles in Microsoft 365

• Custom Domains in Microsoft 365 / Azure AD

• Configuring and Managing Device Registration Options

• Understanding Administrative Units

• Configuring Delegation by using Administrative Units

• Configuring Tenant-Wide Settings

Managing Services using PowerShell

• Foundation of Administration with PowerShell

• Connecting PowerShell to Azure

• Using PowerShell to manage Entra ID (formerly Azure AD)

Create, configure, and manage Microsoft Entra identities

• Understanding the Concepts of User Identities

• Creating, Configuring and giving a license to User Identities

• Management of User Creation in Bulk

• Understanding Creation and Management of Groups

• Groups management using the Microsoft 365 Admin Center

• Creating, Configuring, and Managing Groups in Azure AD

• Managing Licenses for User Identities in Azure AD

Implement and manage identities for external users and tenants

• Managing external collaboration settings in Azure Active Directory

• Inviting external users (individually or in bulk)

• Managing external user accounts in Azure Active Directory

Implement and manage hybrid identity

• Planning for Azure AD/Microsoft 365 Hybrid On-Premises Infrastructure

• Planning out the Identity and Authentication Solutions

• Configuring On-Premise Active Directory to Support Additional Domain Names

• Adding and Verifying Additional Domains Names in Microsoft 365/Azure

• Setting the Primary Domain Name

• Configuring User Identities for using a New Domain Name

• Evaluating Requirements & Solutions for Sync for PHS, PTA, & ADFS SAML Federation

• Evaluating the Requirements and Solutions for Hybrid Identity Management

• Evaluating the Requirements and Solutions for Authentication

• Migration of On-Prem Users and Groups

• Understanding SSO, PHS, PTA and ADFS Federations Concepts

• Using IDFIX to clean AD before syncing with Azure AD

• Implementing Directory Synchronization with Directory Services, Federation Services, and Azure AD

• Identifying Users and Parameters to be Migrated

• Confirming the Data to be Migrated and Method and the Sync Process

• Using Azure AD Connect Health and looking for synchronization errors

Plan, implement, and manage Microsoft Entra user authentication

• Administering Authentication Methods (FIDO2 / Passwordless)

• Implementing an Authentication Solution based on Windows Hello for Business

• Enabling the FIDO2 Based Security Method in Azure AD

• Understanding the concepts of Multifactor Authentications (MFA)

• Administering and Configuring Multifactor Authentication (MFA)

• Password protection within Azure AD, and Smart Lockout On-Premise ADDS

• Configuring and Deploying Self-Service Password Reset (SSPR)

• Implementing and Managing Tenant Restrictions

Plan, implement, and manage Microsoft Entra Conditional Access

• Understanding Security Defaults

• Using Conditional Access Policies

• Implementing Conditional Access Policy Controls and Assignments

• Implementing Application Controls within Conditional Access Policies

• Implementing Session Management within Conditional Access Policies

• Testing and Troubleshooting Conditional Access Policies

Manage risk by using Microsoft Entra ID Protection

• Understanding Azure AD Identity Protection with User & Sign-in Risk Policies

• Enabling & Monitoring Azure AD Identity Protection User & Sign-in Risk Policies

Implement access management for Azure resources by using Azure roles

• Create custom Azure roles, including both control plane & data plane permissions

• Assign built-in and custom Azure roles

• Evaluate effective permissions for a set of Azure roles

• Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines

• Configure Azure Key Vault role-based access control (RBAC) and access policies

Implement Global Secure Access

• Introduction to Global Secure Access

• Deploy Global Secure Access clients

• Deploy Private Access

• Deploy Internet Access

• Deploy Internet Access for Microsoft 365

• Download and install the Global Secure Access client software

Plan and implement identities for applications and Azure workloads

• Select appropriate identities for applications and Azure workloads

• Create managed identities

• Assign a managed identity to an Azure resource

• Use a managed identity assigned to an Azure resource to access other resources

Plan, implement, and monitor the integration of enterprise applications

• Plan and implement settings for enterprise applications, app & tenant level

• Assign appropriate Microsoft Entra roles to users to manage enterprise apps

• Design and implement integration for on-premises apps by using Entra App Proxy

• Design and implement integration for software as a service (SaaS) apps

• Assign, classify, and manage users, groups, and app roles for enterprise apps

• Configure and manage user and admin consent

• Create and manage application collections

Plan and implement app registrations

• Plan for app registrations

• Create app registrations

• Configure app authentication

• Configure API permissions

• Create app roles

Manage and monitor app access by using Microsoft Defender for Cloud Apps

• Understanding Microsoft Defender for Cloud Apps

• Configure and analyze cloud discovery results by using Defender for Cloud Apps

• Configure connected apps

• Implement application-enforced restrictions

• Conditional Access app control along with access and session policies

• Implement and manage policies including OAuth apps

• Manage the Cloud app catalog

Plan and implement entitlement management in Microsoft Entra

• Defining Catalogs for Entitlement Management

• Defining Access Packages

• Planning, Implementing and Managing Entitlements with Access Packages

• Exploring the user side of Entitlement within Azure AD

• Implementing and managing Terms of Use

• Managing the lifecycle of external users in Azure AD Identity Governance Settings

Plan, implement, and manage access reviews in Microsoft Entra

• Implementing and Configuring Access Reviews in Entra ID (formerly Azure AD)

Plan and implement privileged access

• Understanding Privileged Identity Management (PIM)

• Implementing & Configuring Privileged Identity Management (PIM)

• Analyzing PIM audit history reports

• Break-glass accounts

• Implementing and Configuring Access Reviews in Entra ID

Monitor identity activity by using logs, workbooks, and reports

• Analyzing and investigating sign-in logs to troubleshoot access issues

• Reviewing and monitoring Azure AD audit logs

• Understanding the concepts of Azure Sentinel

• Enabling Azure AD diagnostic logs with Log Analytics / Azure Sentinel

• Azure AD activity by using Log Analytics / Azure Sentinel, Workbooks, excluding KQL use

• Exporting sign-in and audit logs to a third-party SIEM

• Configuring notifications

Plan and implement Microsoft Entra Permissions Management

• Visualizing the need for Entra Permissions Management

• Onboard Entra Permissions Management licensing

• Onboard Azure subscriptions to Permissions Management

• Evaluate and remediate risks relating to Azure identities, resources, and tasks

• Evaluate and remediate risks relating to Azure highly privileged roles

• Evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure

• Configure activity alerts and triggers for Azure subscriptions