Sc-300: Microsoft Identity And Access Administrator by Christopher Nett
Sc-300: Microsoft Identity And Access Administrator
Published 3/2025
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.88 GB | Duration: 9h 24m
Published 3/2025
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.88 GB | Duration: 9h 24m
Pass SC-300 | Elevate your Career
What you'll learn
Configure and manage a Microsoft Entra tenant
Create, configure, and manage Microsoft Entra identities
Implement and manage identities for external users and tenants
Implement and manage hybrid identity
Plan, implement, and manage Microsoft Entra user authentication
Plan, implement, and manage Microsoft Entra Conditional Access
Manage risk by using Microsoft Entra ID Protection
Implement access management for Azure resources by using Azure roles
Implement Global Secure Access
Plan and implement identities for applications and Azure workloads
Plan, implement, and monitor the integration of enterprise applications
Plan and implement app registrations
Manage and monitor app access by using Microsoft Defender for Cloud Apps
Plan and implement entitlement management in Microsoft Entra
Plan, implement, and manage access reviews in Microsoft Entra
Plan and implement privileged access
Monitor identity activity by using logs, workbooks, and reports
Plan and implement Microsoft Entra Permissions Management
Requirements
Basic IT Knowledge
Willingness to learn cool stuff!
Description
This SC-300 course by Christopher Nett is a meticulously organized Udemy course designed for IT professionals aiming to pass the SC-300: Microsoft Identity and Access Administrator exam. This course systematically guides you from the basics to advanced concepts of Microsoft Identity.The course is always aligned with Microsoft's latest study guide and exam objectives:Skills at a glanceImplement and manage user identities (20–25%)Implement authentication and access management (25–30%)Plan and implement workload identities (20–25%)Plan and automate identity governance (25–30%)Implement and manage user identities (20–25%)Configure and manage a Microsoft Entra tenantConfigure and manage built-in and custom Microsoft Entra rolesRecommend when to use administrative unitsConfigure and manage administrative unitsEvaluate effective permissions for Microsoft Entra rolesConfigure and manage domains in Microsoft Entra ID and Microsoft 365Configure Company branding settingsConfigure tenant properties, user settings, group settings, and device settingsCreate, configure, and manage Microsoft Entra identitiesCreate, configure, and manage usersCreate, configure, and manage groupsManage custom security attributesAutomate bulk operations by using the Microsoft Entra admin center and PowerShellManage device join and device registration in Microsoft Entra IDAssign, modify, and report on licensesImplement and manage identities for external users and tenantsManage External collaboration settings in Microsoft Entra IDInvite external users, individually or in bulkManage external user accounts in Microsoft Entra IDImplement Cross-tenant access settingsImplement and manage cross-tenant synchronizationConfigure external identity providers, including protocols such as SAML and WS-FedImplement and manage hybrid identityImplement and manage Microsoft Entra Connect SyncImplement and manage Microsoft Entra Cloud SyncImplement and manage password hash synchronizationImplement and manage pass-through authenticationImplement and manage seamless single sign-on (SSO)Migrate from AD FS to other authentication and authorization mechanismsImplement and manage Microsoft Entra Connect HealthImplement authentication and access management (25–30%)Plan, implement, and manage Microsoft Entra user authenticationPlan for authenticationImplement and manage authentication methods, including certificate-based, temporary access pass, OAUTH tokens, Microsoft Authenticator, and FIDO2Implement and manage tenant-wide Multi-factor Authentication (MFA) settingsConfigure and deploy self-service password reset (SSPR)Implement and manage Windows Hello for BusinessDisable accounts and revoke user sessionsImplement and manage Microsoft Entra password protectionEnable Microsoft Entra Kerberos authentication for hybrid identitiesPlan, implement, and manage Microsoft Entra Conditional AccessPlan Conditional Access policiesImplement Conditional Access policy assignmentsImplement Conditional Access policy controlsTest and troubleshoot Conditional Access policiesImplement session managementImplement device-enforced restrictionsImplement continuous access evaluationConfigure authentication contextImplement protected actionsCreate a Conditional Access policy from a templateManage risk by using Microsoft Entra ID ProtectionImplement and manage user risk by using Identity Protection or Conditional Access policiesImplement and manage sign-in risk by using Identity Protection or Conditional Access policiesImplement and manage Multifactor authentication registration policiesMonitor, investigate and remediate risky users and risky sign-insMonitor, investigate, and remediate risky workload identitiesImplement access management for Azure resources by using Azure rolesCreate custom Azure roles, including both control plane and data plane permissionsAssign built-in and custom Azure rolesEvaluate effective permissions for a set of Azure rolesAssign Azure roles to enable Microsoft Entra ID login to Azure virtual machinesConfigure Azure Key Vault role-based access control (RBAC) and access policiesImplement Global Secure AccessDeploy Global Secure Access clientsDeploy Private AccessDeploy Internet AccessDeploy Internet Access for Microsoft 365Plan and implement workload identities (20–25%)Plan and implement identities for applications and Azure workloadsSelect appropriate identities for applications and Azure workloads, including managed identities, service principals, user accounts, and managed service accountsCreate managed identitiesAssign a managed identity to an Azure resourceUse a managed identity assigned to an Azure resource to access other Azure resourcesPlan, implement, and monitor the integration of enterprise applicationsPlan and implement settings for enterprise applications, including application-level and tenant-level settingsAssign appropriate Microsoft Entra roles to users to manage enterprise applicationsDesign and implement integration for on-premises apps by using Microsoft Entra Application ProxyDesign and implement integration for software as a service (SaaS) appsAssign, classify, and manage users, groups, and app roles for enterprise applicationsConfigure and manage user and admin consentCreate and manage application collectionsPlan and implement app registrationsPlan for app registrationsCreate app registrationsConfigure app authenticationConfigure API permissionsCreate app rolesManage and monitor app access by using Microsoft Defender for Cloud AppsConfigure and analyze cloud discovery results by using Defender for Cloud AppsConfigure connected appsImplement application-enforced restrictionsConfigure Conditional Access app controlCreate access and session policies in Defender for Cloud AppsImplement and manage policies for OAuth appsManage the Cloud app catalogPlan and automate identity governance (25–30%)Plan and implement entitlement management in Microsoft EntraPlan entitlementsCreate and configure catalogsCreate and configure access packagesManage access requestsImplement and manage terms of use (ToU)Manage the lifecycle of external usersConfigure and manage connected organizationsPlan, implement, and manage access reviews in Microsoft EntraPlan for access reviewsCreate and configure access reviewsMonitor access review activityManually respond to access review activityPlan and implement privileged accessPlan and manage Microsoft Entra roles in Microsoft Entra Privileged Identity Management (PIM), including settings and assignmentsPlan and manage Azure resources in PIM, including settings and assignmentsPlan and configure groups managed by PIMManage the PIM request and approval processAnalyze PIM audit history and reportsCreate and manage break-glass accountsMonitor identity activity by using logs, workbooks, and reportsReview and analyze sign-in, audit, and provisioning logs by using the Microsoft Entra admin centerConfigure diagnostic settings, including configuring destinations such as Log Analytics workspaces, storage accounts, and event hubsMonitor Microsoft Entra ID by using KQL queries in Log AnalyticsAnalyze Microsoft Entra ID by using workbooks and reportingMonitor and improve the security posture by using Identity Secure ScorePlan and implement Microsoft Entra Permissions ManagementOnboard Azure subscriptions to Permissions ManagementEvaluate and remediate risks relating to Azure identities, resources, and tasksEvaluate and remediate risks relating to Azure highly privileged rolesEvaluate and remediate risks relating to Permissions Creep Index (PCI) in AzureConfigure activity alerts and triggers for Azure subscriptions
Overview
Section 1: Introduction
Lecture 1 Slides
Lecture 2 Basics
Lecture 3 FAQs
Section 2: Basics - Azure
Lecture 4 Cloud Computing Properties
Lecture 5 Cloud Computing Types
Lecture 6 Azure Global Backbone
Lecture 7 Shared Responsibility Model
Lecture 8 Azure Resource Hierarchy
Lecture 9 Azure Subscription Types
Lecture 10 Entra ID Tenants and Azure Subscriptions
Lecture 11 Create Your Azure Subscription
Section 3: Basics - Identity
Lecture 12 Authorization
Lecture 13 Authentication
Lecture 14 Identity Providers
Lecture 15 Federation
Lecture 16 Directory Services
Section 4: Basics - Microsoft Security
Lecture 17 Zero Trust
Lecture 18 The Microsoft Security Cosmos
Lecture 19 Defending Across Attack Chains
Section 5: Configure and manage a Microsoft Entra tenant
Lecture 20 Microsoft Entra
Lecture 21 Microsoft Entra ID
Lecture 22 Configure and manage built-in and custom Microsoft Entra roles
Lecture 23 Recommend when to use administrative units
Lecture 24 Configure and manage administrative units
Lecture 25 Evaluate effective permissions for Microsoft Entra roles
Lecture 26 Configure Company branding settings
Lecture 27 Configure tenant properties, user settings, group & device settings
Section 6: Create, configure, and manage Microsoft Entra identities
Lecture 28 User Identities
Lecture 29 Create, configure, and manage users
Lecture 30 Groups
Lecture 31 Create, configure, and manage groups
Lecture 32 Assign and modify licenses
Lecture 33 Bulk Operations
Section 7: Implement and manage identities for external users and tenants
Lecture 34 Entra ID External Identities
Lecture 35 Manage External collaboration settings in Microsoft Entra ID
Lecture 36 Implement Cross-tenant access settings
Lecture 37 Configure external identity providers, including protocols such as SAML
Section 8: Implement and manage hybrid identity
Lecture 38 Deploy Azure Resources for Hybrid Identity
Lecture 39 Setup Custom Domain
Lecture 40 Setup Active Directory
Lecture 41 Entra Connect
Lecture 42 Implement and manage Microsoft Entra Connect Sync
Lecture 43 Hybrid Authentication Options
Section 9: Plan, implement, and manage Microsoft Entra user authentication
Lecture 44 Plan for authentication
Lecture 45 Multi-Factor Authentication (MFA)
Lecture 46 Implement and manage tenant-wide Multi-factor Authentication (MFA) settings
Lecture 47 Implement and manage authentication methods
Lecture 48 Self-Service Password Reset (SSPR)
Lecture 49 Configure and deploy self-service password reset (SSPR)
Lecture 50 Disable accounts and revoke user sessions
Lecture 51 Microsoft Entra Password Protection
Lecture 52 Implement and manage Microsoft Entra password protection
Section 10: Plan, implement, and manage Microsoft Entra Conditional Access
Lecture 53 Plan Conditional Access policies
Lecture 54 Implement Conditional Access policy assignments
Lecture 55 Implement session management
Lecture 56 Test and troubleshoot Conditional Access policies
Lecture 57 Create a Conditional Access policy from a template
Section 11: Manage risk by using Microsoft Entra ID Protection
Lecture 58 Entra ID Protection
Lecture 59 Implement and manage user and sign-in risk
Section 12: Implement access management for Azure resources by using Azure roles
Lecture 60 Azure Role-Based-Acces-Control (RBAC)
Lecture 61 Azure RBAC vs. Entra ID Roles
Lecture 62 Create custom Azure roles
Lecture 63 Assign built-in and custom Azure roles
Lecture 64 Evaluate effective permissions for a set of Azure roles
Section 13: Implement Global Secure Access
Lecture 65 Global Secure Access
Lecture 66 Configure Traffic Profiles
Section 14: Plan and implement identities for applications and Azure workloads
Lecture 67 Managed identities
Lecture 68 Create and assign managed identities
Section 15: Plan, implement, and monitor the integration of enterprise applications
Lecture 69 Plan and implement settings for enterprise applications
Lecture 70 Assign appropriate Microsoft Entra roles to users to manage enterprise apps
Lecture 71 Design and implement integration for on-premises apps by using Entra App Proxy
Lecture 72 Design and implement integration for software as a service (SaaS) apps
Lecture 73 Assign, classify, and manage users, groups, and app roles for enterprise apps
Lecture 74 Configure and manage user and admin consent
Lecture 75 Create and manage application collections
Section 16: Plan and implement app registrations
Lecture 76 Create app registrations
Lecture 77 Configure app authentication
Lecture 78 Configure API permissions
Lecture 79 Create app roles
Section 17: Manage and monitor access by using Microsoft Defender Cloud Apps and Identity
Lecture 80 What is Defender XDR?
Lecture 81 Demo: Configure RBAC in Defender XDR
Lecture 82 Defender for Cloud Apps
Lecture 83 Cloud App Policies
Lecture 84 Manage the Cloud app catalog
Lecture 85 Defender for Identity
Lecture 86 NTLM
Lecture 87 Pass-the-Hash Attacks
Lecture 88 Kerberos
Lecture 89 Pass-The-Ticket Attacks
Lecture 90 Brute Force Attacks
Lecture 91 Remote Code Execution Attacks
Section 18: Plan and implement entitlement management in Microsoft Entra
Lecture 92 Plan entitlements
Lecture 93 Create and configure catalogs
Lecture 94 Create and configure access packages
Lecture 95 Implement and manage terms of use (ToU)
Section 19: Plan, implement, and manage access reviews in Microsoft Entra
Lecture 96 Plan for access reviews
Lecture 97 Create and configure access reviews
Section 20: Plan and implement privileged access
Lecture 98 Plan and manage Microsoft Entra roles in Microsoft Entra PIM
Lecture 99 Plan and manage Azure resources in PIM, including settings and assignments
Section 21: Monitor identity activity
Lecture 100 What is KQL?
Lecture 101 Demo: KQL Playground
Lecture 102 search
Lecture 103 where
Lecture 104 datetime & timespans
Lecture 105 count, dcount, summarize & top
Lecture 106 order, sort, take
Lecture 107 extend, project
Lecture 108 contains, startswith, endswith
Lecture 109 let
Lecture 110 render
Lecture 111 union
Lecture 112 inner join
Lecture 113 Sentinel for Entra ID Security Monitoring
Lecture 114 Sentinel Deployment Prerequisites
Lecture 115 Demo: Create an Azure Resource Group for Sentinel
Lecture 116 Demo: Create a Log Analytics Workspace
Lecture 117 Demo: Create a Sentinel Workspace
Lecture 118 Sentinel RBAC
Lecture 119 Demo: Azure RBAC for Sentinel
Lecture 120 Sentinel Data Sources
Lecture 121 Demo: Content Hub
Lecture 122 Demo: Ingesting Entra ID into Sentinel
Lecture 123 Demo: Verify Entra ID Ingestion
Lecture 124 Sentinel Workflow
Lecture 125 Analytic Rules
Lecture 126 Demo: Analytic Rules
Lecture 127 Scheduled Analytic Rules
Lecture 128 Demo: Scheduled Analytic Rules - Entra ID
Lecture 129 UEBA in Sentinel
Lecture 130 Demo: UEBA in Sentinel
Lecture 131 KQL Hunting Queries: Entra ID Brute Force
Lecture 132 KQL Hunting Queries: Suspicious Sign-in to privileged Accounts
Section 22: Plan Microsoft Entra Permissions Management (EPM)
Lecture 133 Entra Permissions Management (EPM)
Section 23: Bonus
Lecture 134 Bonus
SOC Analyst,Security Engineer,Security Consultant,Security Architect,Security Manager,Cloud Engineer,Cloud Architect,IT Manager,CISO,Identity Architect,IT Administrator