Back to catalogue

Microsoft Identity and Access Administrator (SC-300T00)

Become essential and develop the skills to implement identity management solutions based on Microsoft Azure AD and connected identity technologies.
Microsoft Partner

Upcoming sessions

Show all sessions
  • Duration: 4 days
  • Regular price: $2,395
  • Preferential price: $2,040

Course outline

Duration: 4 days

This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies. This course includes identity content for Azure AD, enterprise application registration, conditional access, identity governance, and other identity tools.

Audience

This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization.

Prerequisites

Before attending this course, students should have understanding of:

  • Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.

  • Be familiar with identity concepts such as authentication, authorization, and active directory.

  • Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.

  • Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.

Objectives

  • Implement an identity management solution
  • Implement an authentication and access management solutions
  • Implement access management for apps
  • Plan and implement an identity governancy strategy

Teaching method

  • Instructor-led training

Contents

Module 1: Implement an identity management solution

Learn to create and manage your initial Azure Active Directory (Azure AD) implementation and configure the users, groups, and external identities you will use to run your solution.

Lessons

  • Implement Initial configuration of Azure AD

  • Create, configure, and manage identities

  • Implement and manage external identities

  • Implement and manage hybrid identity

Lab : Manage user roles

Lab : Setting tenant-wide properties

Lab : Assign licenses to users

Lab : Restore or remove deleted users

Lab : Add groups in Azure AD

Lab : Change group license assignments

Lab : Change user license assignments

Lab : Configure external collaboration

Lab : Add guest users to the directory

Lab : Explore dynamic groups

After completing this module, students will be able to:

  • Deploy an initial Azure AD with custom settings

  • Manage both internal and external identities

  • Implement a hybrid identity solution

Module 2: Implement an authentication and access management solution

Implement and administer your access management using Azure AD. Use MFA, conditional access, and identity protection to manager your identity solution.

Lessons

  • Secure Azure AD user with MFA

  • Manage user authentication

  • Plan, implement, and administer conditional access

  • Manage Azure AD identity protection

Lab : Configure Azure AD MFA authentication registration policy

Lab : Enable sign-in risk policy

Lab : Manage Azure AD smart lockout values

Lab : Configure authentication session controls

Lab : Implement conditional access policies, roles, and assignments

Lab : Work with security defaults

Lab : Configure and deploy self-service password reset (SSPR)

Lab : Enable Azure AD MFA

After completing this module, students will be able to:

  • Configure and manage user authentication including MFA

  • Control access to resources using conditional access

  • Use Azure AD Identity Protection to protect your organization

Module 3: Implement access management for Apps

Explore how applications can and should be added to your identity and access solution with application registration in Azure AD.

Lessons

  • Plan and design the integration of enterprise for SSO

  • Implement and monitor the integration of enterprise apps for SSO

  • Implement app registration

Lab : Implement access management for apps

Lab : Create a custom role to management app registration

Lab : Register an application

Lab : Grant tenant-wide admin consent to an application

Lab : Add app roles to applications and recieve tokens

After completing this module, students will be able to:

  • Register a new application to your Azure AD

  • Plan and implement SSO for enterprise application

  • Monitor and maintain enterprise applications

Module 4: Plan and implement an identity governancy strategy

Design and implement identity governance for your identity solution using entitlement, access reviews, privileged access, and monitoring your Azure Active Directory (Azure AD).

Lessons

  • Plan and implement entitlement management

  • Plan, implement, and manage access reviews

  • Plan and implement privileged access

  • Monitor and maintain Azure AD

Lab : Configure PIM for Azure AD roles

Lab : Assign Azure AD role in PIM

Lab : Assign Azure resource roles in PIM

Lab : Connect data from Azure AD to Azure Sentinel

Lab : Create access reviews for groups and apps

Lab : Manage the lifecycle of external users with Azure AD identity governance

Lab : Add terms of use acceptance report

Lab : Create and manage a resource catalog with Azure AD entitlement

After completing this module, students will be able to:

  • Manage and maintain Azure AD from creation to solution

  • Use access reviews to maintain your Azure AD

  • Grant access to users with entitlement management

Surround yourself with the best

Philippe Paradis
Philippe Paradis
Certified Trainer and IT Consultant
Philippe Paradis is a results-oriented IT specialist with more than 20 years of experience. A Certified Microsoft Trainer (MCT) since 1998, he has built up his expertise by pursuing certifications as a Microsoft Certified Solutions Expert (MCSE), a Microsoft Certified Solutions Associate (MCSA) and a Microsoft Certified Technology Specialist in Virtualization. He has also developed expertise in cloud-based applications, including Microsoft Azure and Amazon Web Services (AWS).
Charles Bourgon
Trainer
Frédéric Paradis
Frédéric Paradis
Certified Trainer and Cloud Architect
As a certified Microsoft trainer, Frédéric describes himself as a Cloud magician who easily navigates the mythical space between technology and reality.
Marc Maisonneuve
Marc Maisonneuve
Training program director
Marc Maisonneuve has acted as a Training Program Director, professional effectiveness trainer and user tools practice leader at AFI for several years. Mr. Maisonneuve is known for his analytical skills, his legendary calm and his undeniable desire to encourage people to develop their skills. He has the ability to present technological solutions in a natural way and to adapt them to the concrete needs of the workplace.