Course Code: SC-300T00; Duration: 4 days; Instructor-led
This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies. This course includes identity content for Azure AD, enterprise application registration, conditional access, identity governance, and other identity tools.
This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions, playing an integral role in protecting an organization.
Successful learners will have prior knowledge and understanding of:
- Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.
- Be familiar with identity concepts such as authentication, authorization, and active directory.
- Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
- Some experience with Windows and Linux operating systems and scripting languages is helpful but not required.
- Course labs may use PowerShell and the CLI.
This program will be conducted with interactive lectures, PowerPoint presentation, discussion and practical exercise.
- Implement an identity management solution.
- Implement an authentication and access management solutions.
- Implement access management for apps.
- Plan and implement an identity governancy strategy.
- Implement Initial configuration of Azure AD.
- Create, configure, and manage identities.
- Implement and manage external identities.
- Implement and manage hybrid identity.
Lab: Manage user roles
Lab: Setting tenant-wide properties
Lab: Assign licenses to users
Lab: Restore or remove deleted users
Lab: Add groups in Azure AD
Lab: Change group license assignments
Lab: Change user license assignments
Lab: Configure external collaboration
Lab: Add guest users to the directory
Lab: Explore dynamic groups
- Secure Azure AD user with MFA
- Manage user authentication.
- Plan, implement, and administer conditional access.
- Manage Azure AD identity protection.
Lab: Enable Azure AD MFA
Lab: Configure and deploy self-service password reset (SSPR)
Lab: Work with security defaults
Lab: Implement conditional access policies, roles, and assignments
Lab: Configure authentication session controls
Lab: Manage Azure AD smart lockout values
Lab: Enable sign-in risk policy
Lab: Configure Azure AD MFA authentication registration policy
- Plan and design the integration of enterprise for SSO.
- Implement and monitor the integration of enterprise apps for SSO.
- Implement app registration.
Lab: Implement access management for apps
Lab: Create a custom role to management app registration
Lab: Register an application
Lab: Grant tenant-wide admin consent to an application
Lab: Add app roles to applications and receive tokens
- Plan and implement entitlement management.
- Plan, implement, and manage access reviews.
- Plan and implement privileged access.
- Monitor and maintain Azure AD.
Lab: Creat and manage a resource catalog with Azure AD entitlement
Lab: Manage the lifecycle of external users with Azure AD identity governance
Lab: Create access reviews for groups and apps
Lab: Configure PIM for Azure AD roles
Lab: Assign Azure AD role in PIM
Lab: Assign Azure resource roles in PIM
Lab: Connect data from Azure AD to Azure Sentinel