SC-300T00 - Microsoft Identity and Access Administrator

Référence SC-300T00

Durée 4 Days

Modalité Formations catalogue

1900 

UGS : SC-300T00 Catégories : ,

target Objectives

Implement an identity management solution
Implement an authentication and access management solutions
Implement access management for apps
Plan and implement an identity governancy strategy

tablet Prerequistes

Before attending this course, students should have understanding of:

Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.

Be familiar with identity concepts such as authentication, authorization, and active directory.

Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.

Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.

check Description

This course provides IT Identity and Access Professional, along with IT Security Professional, with the knowledge and skills needed to implement identity management solutions based on Microsoft Azure AD, and it connected identity technologies. This course includes identity content for Azure AD, enterprise application registration, conditional access, identity governance, and other identity tools.

check user Audience profile

This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization.

Job role: Security Engineer

Discover lesson plan

Module 1: Implement an identity management solution
Learn to create and manage your initial Azure Active Directory (Azure AD) implementation and configure the users, groups, and external identities you will use to run your solution.

Lessons
Implement Initial configuration of Azure AD

Create, configure, and manage identities

Implement and manage external identities

Implement and manage hybrid identity

Lab : Manage user roles
Lab : Setting tenant-wide properties
Lab : Assign licenses to users
Lab : Restore or remove deleted users
Lab : Add groups in Azure AD
Lab : Change group license assignments
Lab : Change user license assignments
Lab : Configure external collaboration
Lab : Add guest users to the directory
Lab : Explore dynamic groups
After completing this module, students will be able to:

Deploy an initial Azure AD with custom settings

Manage both internal and external identities

Implement a hybrid identity solution

Module 2: Implement an authentication and access management solution
Implement and administer your access management using Azure AD. Use MFA, conditional access, and identity protection to manager your identity solution.

Lessons
Secure Azure AD user with MFA

Manage user authentication

Plan, implement, and administer conditional access

Manage Azure AD identity protection

Lab : Configure Azure AD MFA authentication registration policy
Lab : Enable sign-in risk policy
Lab : Manage Azure AD smart lockout values
Lab : Configure authentication session controls
Lab : Implement conditional access policies, roles, and assignments
Lab : Work with security defaults
Lab : Configure and deploy self-service password reset (SSPR)
Lab : Enable Azure AD MFA
After completing this module, students will be able to:

Configure and manage user authentication including MFA

Control access to resources using conditional access

Use Azure AD Identity Protection to protect your organization

Module 3: Implement access management for Apps
Explore how applications can and should be added to your identity and access solution with application registration in Azure AD.

Lessons
Plan and design the integration of enterprise for SSO

Implement and monitor the integration of enterprise apps for SSO

Implement app registration

Lab : Implement access management for apps
Lab : Create a custom role to management app registration
Lab : Register an application
Lab : Grant tenant-wide admin consent to an application
Lab : Add app roles to applications and recieve tokens
After completing this module, students will be able to:

Register a new application to your Azure AD

Plan and implement SSO for enterprise application

Monitor and maintain enterprise applications

Module 4: Plan and implement an identity governancy strategy
Design and implement identity governance for your identity solution using entitlement, access reviews, privileged access, and monitoring your Azure Active Directory (Azure AD).

Lessons
Plan and implement entitlement management

Plan, implement, and manage access reviews

Plan and implement privileged access

Monitor and maintain Azure AD

Lab : Configure PIM for Azure AD roles
Lab : Assign Azure AD role in PIM
Lab : Assign Azure resource roles in PIM
Lab : Connect data from Azure AD to Azure Sentinel
Lab : Create access reviews for groups and apps
Lab : Manage the lifecycle of external users with Azure AD identity governance
Lab : Add terms of use acceptance report
Lab : Create and manage a resource catalog with Azure AD entitlement
After completing this module, students will be able to:

Manage and maintain Azure AD from creation to solution

Use access reviews to maintain your Azure AD

Grant access to users with entitlement management