Sc-300: Microsoft Identity And Access Administrator by Christopher Nett

Pass SC-300 | Elevate your Career

What you'll learn

Configure and manage a Microsoft Entra tenant

Create, configure, and manage Microsoft Entra identities

Implement and manage identities for external users and tenants

Implement and manage hybrid identity

Plan, implement, and manage Microsoft Entra user authentication

Plan, implement, and manage Microsoft Entra Conditional Access

Manage risk by using Microsoft Entra ID Protection

Implement access management for Azure resources by using Azure roles

Implement Global Secure Access

Plan and implement identities for applications and Azure workloads

Plan, implement, and monitor the integration of enterprise applications

Plan and implement app registrations

Manage and monitor app access by using Microsoft Defender for Cloud Apps

Plan and implement entitlement management in Microsoft Entra

Plan, implement, and manage access reviews in Microsoft Entra

Plan and implement privileged access

Monitor identity activity by using logs, workbooks, and reports

Plan and implement Microsoft Entra Permissions Management

Requirements

Basic IT Knowledge

Willingness to learn cool stuff!

Description

This SC-300 course by Christopher Nett is a meticulously organized Udemy course designed for IT professionals aiming to pass the SC-300: Microsoft Identity and Access Administrator exam. This course systematically guides you from the basics to advanced concepts of Microsoft Identity.The course is always aligned with Microsoft's latest study guide and exam objectives:Skills at a glanceImplement and manage user identities (20–25%)Implement authentication and access management (25–30%)Plan and implement workload identities (20–25%)Plan and automate identity governance (25–30%)Implement and manage user identities (20–25%)Configure and manage a Microsoft Entra tenantConfigure and manage built-in and custom Microsoft Entra rolesRecommend when to use administrative unitsConfigure and manage administrative unitsEvaluate effective permissions for Microsoft Entra rolesConfigure and manage domains in Microsoft Entra ID and Microsoft 365Configure Company branding settingsConfigure tenant properties, user settings, group settings, and device settingsCreate, configure, and manage Microsoft Entra identitiesCreate, configure, and manage usersCreate, configure, and manage groupsManage custom security attributesAutomate bulk operations by using the Microsoft Entra admin center and PowerShellManage device join and device registration in Microsoft Entra IDAssign, modify, and report on licensesImplement and manage identities for external users and tenantsManage External collaboration settings in Microsoft Entra IDInvite external users, individually or in bulkManage external user accounts in Microsoft Entra IDImplement Cross-tenant access settingsImplement and manage cross-tenant synchronizationConfigure external identity providers, including protocols such as SAML and WS-FedImplement and manage hybrid identityImplement and manage Microsoft Entra Connect SyncImplement and manage Microsoft Entra Cloud SyncImplement and manage password hash synchronizationImplement and manage pass-through authenticationImplement and manage seamless single sign-on (SSO)Migrate from AD FS to other authentication and authorization mechanismsImplement and manage Microsoft Entra Connect HealthImplement authentication and access management (25–30%)Plan, implement, and manage Microsoft Entra user authenticationPlan for authenticationImplement and manage authentication methods, including certificate-based, temporary access pass, OAUTH tokens, Microsoft Authenticator, and FIDO2Implement and manage tenant-wide Multi-factor Authentication (MFA) settingsConfigure and deploy self-service password reset (SSPR)Implement and manage Windows Hello for BusinessDisable accounts and revoke user sessionsImplement and manage Microsoft Entra password protectionEnable Microsoft Entra Kerberos authentication for hybrid identitiesPlan, implement, and manage Microsoft Entra Conditional AccessPlan Conditional Access policiesImplement Conditional Access policy assignmentsImplement Conditional Access policy controlsTest and troubleshoot Conditional Access policiesImplement session managementImplement device-enforced restrictionsImplement continuous access evaluationConfigure authentication contextImplement protected actionsCreate a Conditional Access policy from a templateManage risk by using Microsoft Entra ID ProtectionImplement and manage user risk by using Identity Protection or Conditional Access policiesImplement and manage sign-in risk by using Identity Protection or Conditional Access policiesImplement and manage Multifactor authentication registration policiesMonitor, investigate and remediate risky users and risky sign-insMonitor, investigate, and remediate risky workload identitiesImplement access management for Azure resources by using Azure rolesCreate custom Azure roles, including both control plane and data plane permissionsAssign built-in and custom Azure rolesEvaluate effective permissions for a set of Azure rolesAssign Azure roles to enable Microsoft Entra ID login to Azure virtual machinesConfigure Azure Key Vault role-based access control (RBAC) and access policiesImplement Global Secure AccessDeploy Global Secure Access clientsDeploy Private AccessDeploy Internet AccessDeploy Internet Access for Microsoft 365Plan and implement workload identities (20–25%)Plan and implement identities for applications and Azure workloadsSelect appropriate identities for applications and Azure workloads, including managed identities, service principals, user accounts, and managed service accountsCreate managed identitiesAssign a managed identity to an Azure resourceUse a managed identity assigned to an Azure resource to access other Azure resourcesPlan, implement, and monitor the integration of enterprise applicationsPlan and implement settings for enterprise applications, including application-level and tenant-level settingsAssign appropriate Microsoft Entra roles to users to manage enterprise applicationsDesign and implement integration for on-premises apps by using Microsoft Entra Application ProxyDesign and implement integration for software as a service (SaaS) appsAssign, classify, and manage users, groups, and app roles for enterprise applicationsConfigure and manage user and admin consentCreate and manage application collectionsPlan and implement app registrationsPlan for app registrationsCreate app registrationsConfigure app authenticationConfigure API permissionsCreate app rolesManage and monitor app access by using Microsoft Defender for Cloud AppsConfigure and analyze cloud discovery results by using Defender for Cloud AppsConfigure connected appsImplement application-enforced restrictionsConfigure Conditional Access app controlCreate access and session policies in Defender for Cloud AppsImplement and manage policies for OAuth appsManage the Cloud app catalogPlan and automate identity governance (25–30%)Plan and implement entitlement management in Microsoft EntraPlan entitlementsCreate and configure catalogsCreate and configure access packagesManage access requestsImplement and manage terms of use (ToU)Manage the lifecycle of external usersConfigure and manage connected organizationsPlan, implement, and manage access reviews in Microsoft EntraPlan for access reviewsCreate and configure access reviewsMonitor access review activityManually respond to access review activityPlan and implement privileged accessPlan and manage Microsoft Entra roles in Microsoft Entra Privileged Identity Management (PIM), including settings and assignmentsPlan and manage Azure resources in PIM, including settings and assignmentsPlan and configure groups managed by PIMManage the PIM request and approval processAnalyze PIM audit history and reportsCreate and manage break-glass accountsMonitor identity activity by using logs, workbooks, and reportsReview and analyze sign-in, audit, and provisioning logs by using the Microsoft Entra admin centerConfigure diagnostic settings, including configuring destinations such as Log Analytics workspaces, storage accounts, and event hubsMonitor Microsoft Entra ID by using KQL queries in Log AnalyticsAnalyze Microsoft Entra ID by using workbooks and reportingMonitor and improve the security posture by using Identity Secure ScorePlan and implement Microsoft Entra Permissions ManagementOnboard Azure subscriptions to Permissions ManagementEvaluate and remediate risks relating to Azure identities, resources, and tasksEvaluate and remediate risks relating to Azure highly privileged rolesEvaluate and remediate risks relating to Permissions Creep Index (PCI) in AzureConfigure activity alerts and triggers for Azure subscriptions

Overview

Section 1: Introduction

Lecture 1 Slides

Lecture 2 Basics

Lecture 3 FAQs

Section 2: Basics - Azure

Lecture 4 Cloud Computing Properties

Lecture 5 Cloud Computing Types

Lecture 6 Azure Global Backbone

Lecture 7 Shared Responsibility Model

Lecture 8 Azure Resource Hierarchy

Lecture 9 Azure Subscription Types

Lecture 10 Entra ID Tenants and Azure Subscriptions

Lecture 11 Create Your Azure Subscription

Section 3: Basics - Identity

Lecture 12 Authorization

Lecture 13 Authentication

Lecture 14 Identity Providers

Lecture 15 Federation

Lecture 16 Directory Services

Section 4: Basics - Microsoft Security

Lecture 17 Zero Trust

Lecture 18 The Microsoft Security Cosmos

Lecture 19 Defending Across Attack Chains

Section 5: Configure and manage a Microsoft Entra tenant

Lecture 20 Microsoft Entra

Lecture 21 Microsoft Entra ID

Lecture 22 Configure and manage built-in and custom Microsoft Entra roles

Lecture 23 Recommend when to use administrative units

Lecture 24 Configure and manage administrative units

Lecture 25 Evaluate effective permissions for Microsoft Entra roles

Lecture 26 Configure Company branding settings

Lecture 27 Configure tenant properties, user settings, group & device settings

Section 6: Create, configure, and manage Microsoft Entra identities

Lecture 28 User Identities

Lecture 29 Create, configure, and manage users

Lecture 30 Groups

Lecture 31 Create, configure, and manage groups

Lecture 32 Assign and modify licenses

Lecture 33 Bulk Operations

Section 7: Implement and manage identities for external users and tenants

Lecture 34 Entra ID External Identities

Lecture 35 Manage External collaboration settings in Microsoft Entra ID

Lecture 36 Implement Cross-tenant access settings

Lecture 37 Configure external identity providers, including protocols such as SAML

Section 8: Implement and manage hybrid identity

Lecture 38 Deploy Azure Resources for Hybrid Identity

Lecture 39 Setup Custom Domain

Lecture 40 Setup Active Directory

Lecture 41 Entra Connect

Lecture 42 Implement and manage Microsoft Entra Connect Sync

Lecture 43 Hybrid Authentication Options

Section 9: Plan, implement, and manage Microsoft Entra user authentication

Lecture 44 Plan for authentication

Lecture 45 Multi-Factor Authentication (MFA)

Lecture 46 Implement and manage tenant-wide Multi-factor Authentication (MFA) settings

Lecture 47 Implement and manage authentication methods

Lecture 48 Self-Service Password Reset (SSPR)

Lecture 49 Configure and deploy self-service password reset (SSPR)

Lecture 50 Disable accounts and revoke user sessions

Lecture 51 Microsoft Entra Password Protection

Lecture 52 Implement and manage Microsoft Entra password protection

Section 10: Plan, implement, and manage Microsoft Entra Conditional Access

Lecture 53 Plan Conditional Access policies

Lecture 54 Implement Conditional Access policy assignments

Lecture 55 Implement session management

Lecture 56 Test and troubleshoot Conditional Access policies

Lecture 57 Create a Conditional Access policy from a template

Section 11: Manage risk by using Microsoft Entra ID Protection

Lecture 58 Entra ID Protection

Lecture 59 Implement and manage user and sign-in risk

Section 12: Implement access management for Azure resources by using Azure roles

Lecture 60 Azure Role-Based-Acces-Control (RBAC)

Lecture 61 Azure RBAC vs. Entra ID Roles

Lecture 62 Create custom Azure roles

Lecture 63 Assign built-in and custom Azure roles

Lecture 64 Evaluate effective permissions for a set of Azure roles

Section 13: Implement Global Secure Access

Lecture 65 Global Secure Access

Lecture 66 Configure Traffic Profiles

Section 14: Plan and implement identities for applications and Azure workloads

Lecture 67 Managed identities

Lecture 68 Create and assign managed identities

Section 15: Plan, implement, and monitor the integration of enterprise applications

Lecture 69 Plan and implement settings for enterprise applications

Lecture 70 Assign appropriate Microsoft Entra roles to users to manage enterprise apps

Lecture 71 Design and implement integration for on-premises apps by using Entra App Proxy

Lecture 72 Design and implement integration for software as a service (SaaS) apps

Lecture 73 Assign, classify, and manage users, groups, and app roles for enterprise apps

Lecture 74 Configure and manage user and admin consent

Lecture 75 Create and manage application collections

Section 16: Plan and implement app registrations

Lecture 76 Create app registrations

Lecture 77 Configure app authentication

Lecture 78 Configure API permissions

Lecture 79 Create app roles

Section 17: Manage and monitor access by using Microsoft Defender Cloud Apps and Identity

Lecture 80 What is Defender XDR?

Lecture 81 Demo: Configure RBAC in Defender XDR

Lecture 82 Defender for Cloud Apps

Lecture 83 Cloud App Policies

Lecture 84 Manage the Cloud app catalog

Lecture 85 Defender for Identity

Lecture 86 NTLM

Lecture 87 Pass-the-Hash Attacks

Lecture 88 Kerberos

Lecture 89 Pass-The-Ticket Attacks

Lecture 90 Brute Force Attacks

Lecture 91 Remote Code Execution Attacks

Section 18: Plan and implement entitlement management in Microsoft Entra

Lecture 92 Plan entitlements

Lecture 93 Create and configure catalogs

Lecture 94 Create and configure access packages

Lecture 95 Implement and manage terms of use (ToU)

Section 19: Plan, implement, and manage access reviews in Microsoft Entra

Lecture 96 Plan for access reviews

Lecture 97 Create and configure access reviews

Section 20: Plan and implement privileged access

Lecture 98 Plan and manage Microsoft Entra roles in Microsoft Entra PIM

Lecture 99 Plan and manage Azure resources in PIM, including settings and assignments

Section 21: Monitor identity activity

Lecture 100 What is KQL?

Lecture 101 Demo: KQL Playground

Lecture 102 search

Lecture 103 where

Lecture 104 datetime & timespans

Lecture 105 count, dcount, summarize & top

Lecture 106 order, sort, take

Lecture 107 extend, project

Lecture 108 contains, startswith, endswith

Lecture 109 let

Lecture 110 render

Lecture 111 union

Lecture 112 inner join

Lecture 113 Sentinel for Entra ID Security Monitoring

Lecture 114 Sentinel Deployment Prerequisites

Lecture 115 Demo: Create an Azure Resource Group for Sentinel

Lecture 116 Demo: Create a Log Analytics Workspace

Lecture 117 Demo: Create a Sentinel Workspace

Lecture 118 Sentinel RBAC

Lecture 119 Demo: Azure RBAC for Sentinel

Lecture 120 Sentinel Data Sources

Lecture 121 Demo: Content Hub

Lecture 122 Demo: Ingesting Entra ID into Sentinel

Lecture 123 Demo: Verify Entra ID Ingestion

Lecture 124 Sentinel Workflow

Lecture 125 Analytic Rules

Lecture 126 Demo: Analytic Rules

Lecture 127 Scheduled Analytic Rules

Lecture 128 Demo: Scheduled Analytic Rules - Entra ID

Lecture 129 UEBA in Sentinel

Lecture 130 Demo: UEBA in Sentinel

Lecture 131 KQL Hunting Queries: Entra ID Brute Force

Lecture 132 KQL Hunting Queries: Suspicious Sign-in to privileged Accounts

Section 22: Plan Microsoft Entra Permissions Management (EPM)

Lecture 133 Entra Permissions Management (EPM)

Section 23: Bonus

Lecture 134 Bonus

SOC Analyst,Security Engineer,Security Consultant,Security Architect,Security Manager,Cloud Engineer,Cloud Architect,IT Manager,CISO,Identity Architect,IT Administrator