MicrosoftIdentity and Access Administrator

• Identity and access administrators who want to obtain an internationally recognized certification exam or improve their knowledge related to performing identity and access administration tasks.
• Administrators or engineers who want to specialize in providing identity solutions and access management systems related to Azure solutions.

• Implement an identity management solution.
• Implement an authentication and access management solutions.
• Implement access management for apps.
• Plan and implement an identity governance strategy. 

• Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.
• Be familiar with identity concepts such as authentication, authorization, and active directory.
• Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
• Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.

Training materials available on Microsoft Learn environment.

SC-300 certification exam (the exam fee is already included in the course price).

1. Implement an identity management solution

Lessons:

• Implement Initial configuration of Azure AD.
• Create, configure, and manage identities.
• Implement and manage external identities.
• Implement and manage hybrid identity.

Lab: Manage user roles.

Lab: Setting tenant-wide properties.

Lab: Assign licenses to users.

Lab: Restore or remove deleted users.

Lab: Add groups in Azure AD.

Lab: Change group license assignments.

Lab: Change user license assignments.

Lab: Configure external collaboration.

Lab: Add guest users to the directory.

Lab: Explore dynamic groups.

2. Implement an authentication and access management solution

Lessons:

• Secure Azure AD user with MFA.
• Manage user authentication.
• Plan, implement, and administer conditional access.
• Manage Azure AD identity protection.

Lab: Configure Azure AD MFA authentication registration policy.

Lab: Enable sign-in risk policy.

Lab: Manage Azure AD smart lockout values.

Lab: Configure authentication session controls.

Lab: Implement conditional access policies, roles, and assignments.

Lab: Work with security defaults.

Lab: Configure and deploy self-service password reset (SSPR).

Lab: Enable Azure AD MFA.

3. Implement access management for Apps

Lessons:

• Plan and design the integration of enterprise for SSO.
• Implement and monitor the integration of enterprise apps for SSO.
• Implement app registration.

Lab: Implement access management for apps.

Lab: Create a custom role to management app registration.

Lab: Register an application.

Lab: Grant tenant-wide admin consent to an application.

Lab: Add app roles to applications and receive tokens.

4. Plan and implement an identity governance strategy

Lessons:

• Plan and implement entitlement management.
• Plan, implement, and manage access reviews.
• Plan and implement privileged access.
• Monitor and maintain Azure AD.

Lab: Configure PIM for Azure AD roles.

Lab: Assign Azure AD role in PIM.

Lab: Assign Azure resource roles in PIM.

Lab: Create access reviews for groups and apps.

Lab: Manage the lifecycle of external users with Azure AD identity governance.

Lab: Add terms of use acceptance report.

Lab: Create and manage a resource catalog with Azure AD entitlement.