SC-300T00 - Microsoft Identity and Access Administrator

Référence SC-300T00

Durée 4 Days

Modalité Formations catalogue

1900 

UGS : SC-300T00 Catégories : ,

target Objectives

Implement an identity management solution
Implement an authentication and access management solutions
Implement access management for apps
Plan and implement an identity governancy strategy

tablet Prerequistes

Before attending this course, students should have understanding of:

Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.

Be familiar with identity concepts such as authentication, authorization, and active directory.

Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.

Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.

check Description

This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies. This course includes identity content for Azure AD, enterprise application registration, conditional access, identity governance, and other identity tools.

check user Audience profile

This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization.

Job role: Security Engineer

Discover lesson plan

Module 1: Explore Identity in Azure AD (optional)

This is an optional entry level module covering the basic concepts of identity and access management with Azure AD. Learn the definitions and purpose of Zero Trust, Authentication, Authorization, Tokens, and other identity related topics.

Lesson

  • What is identity in Azure

After completing this module, students will be able to:

  • Define common identity terms and explain how they are used in the Microsoft Cloud
  • Explain the common management tools and needs of an identity solution
  • Review the goal of Zero Trust and how it is applied in the Microsoft Cloud
  • Explain the available identity services in the Microsoft Cloud

 

Module 2: Implement an identity management solution

Learn to create and manage your Azure Active Directory (Azure AD) implementation and configure the users, groups, and external identities you will use to run your solution. You will also learn to configure and manager a hybrid identity solution.

Lesson

  • Configure and manage Azure Active Directory
  • Create, configure, and manage identities
  • Implement and manage external identities
  • Implement and manage hybrid identities

Lab : Manage user roles

Lab : Working with tenant properties

Lab : Assigning license using group membership

Lab : Configure external collaboration settings

Lab : Add guest users to the directory

Lab : Add a federated identity provider

Lab : Add hybrid identity with Azure AD Connect

After completing this module, students will be able to:

  • Deploy and configure Azure AD with custom company settings
  • Manage both internal and external identities
  • Implement a hybrid identity solution

 

Module 3: Implement an authentication and access management solution

Implement and administer your access management using Azure AD. Use MFA, Conditional Access, and identity protection to manager your identity solution.

Lesson

  • Plan and implement multifactor authentication (MFA)
  • Manage user authentication
  • Plan, implement, and administer conditional access
  • Manage identity protection
  • Implement access management for Azure resources

Lab : Enable Azure AD Multi-factor Authentication

Lab : Enable Azure AD self-service password reset

Lab : Azure AD authentication for Windows and Linux virtual machines

Lab : Assign Azure resource roles in Privileged Identity Management

Lab : Manage Azure AD smart lockout values

Lab : Implement and test a conditional access policy

Lab : Enable sign-in and user-risk policies

Lab : Configure an Azure AD Multi-factor Authentication registration policy

Lab : Use Azure Key Vault for managed identities

After completing this module, students will be able to:

  • Can and manage user authentication including MFA and SSPR
  • Control access to resources using conditional access
  • Use Azure AD identity protection to protect your organization

 

Module 4: Implement access management for apps

Explore how applications can and should be added to your identity and access solution with application registration in Azure AD. Register and manage new application in your environment.

Lesson

  • Plan and design the integration of Enterprise Apps for SSO
  • Implement and monitor the integration of Enterprise Apps and configure for SSO
  • Implement app registration

Lab : Defender for Cloud Apps access policies

Lab : Register an application

Lab : Implement access management for apps

Lab : Grant tenant-wide admin consent to an application

After completing this module, students will be able to:

  • Register a new application to your Azure AD directory
  • Plan and implement SSO for enterprise applications
  • Monitor and maintain enterprise applications

 

Module 5: Plan and implement an Identity Governance strategy

Design and implement identity governance for your identity solution using entitlement, access reviews, privileged access, and monitoring your Azure Active Directory (Azure AD).

Lesson

  • Plan and implement entitlement management
  • Plan, implement, and manager access reviews
  • Plan and implement privileged access
  • Monitor and maintain Azure Active Directory

Lab : Create and manage a catalog of resources in Azure AD entitlement management

Lab : Add terms of use and acceptance reporting

Lab : Manage the lifecycle of external users in Azure AD Identity Governance settings

Lab : Create access reviews for internal and external users

Lab : Configure Privileged Identity Management (PIM) for Azure AD roles

Lab : Explore Microsoft Sentinel and use Kusto Queries for reviewing Azure AD data sources

Lab : Monitor and manage your security posture with Identity Secure Score

After completing this module, students will be able to:

  • Manage and maintain Azure AD from creation to solutions
  • Use access reviews to maintain your Azure AD
  • Grant access to users with entitlement management

 

Formations similaires