SC-300 : Microsoft identity and access administrator

To participate in the SC-300 training, you must have previously completed the « SC-900 : Microsoft Security, Compliance, and Identity Fundamentals » and « AZ-104 : Azure Administrator » training or have an equivalent level of knowledge.

Implement Initial Configuration of Microsoft Entra ID

• Implement the initial configuration of Microsoft Entra ID.
• Create, configure, and manage identities.
• Implement and manage external identities (excluding B2C scenarios).
• Implement and manage hybrid identity.

Create, Configure, and Manage Identities

• Create, configure, and manage identities.
• Create, configure, and manage groups.
• Manage licenses.
• Explain custom security attributes and user provisioning automation.

Implement and Manage External Identities

• Manage external collaboration settings in Microsoft Entra ID.
• Invite external users (individually or in bulk).
• Manage external user accounts in Microsoft Entra ID.
• Configure identity providers (social and SAML/WS-FED).

Implement and Manage Hybrid Identity

• Plan, design, and implement Microsoft Entra Connect.
• Manage Microsoft Entra Connect.
• Manage Password Hash Synchronization (PHS).
• Manage Pass-Through Authentication (PTA).
• Manage Seamless Single Sign-On.
• Manage federation excluding manual ADFS deployments.
• Troubleshoot synchronization errors.
• Implement and manage Microsoft Entra Connect Health.

Secure Microsoft Entra Users with Multi-Factor Authentication

• Understand Microsoft Entra Multi-Factor Authentication.
• Create a plan to deploy Microsoft Entra Multi-Factor Authentication.
• Enable Microsoft Entra Multi-Factor Authentication for specific users and applications.

Manage User Authentication

• Administer authentication methods (FIDO2/passwordless).
• Implement a Windows Hello for Business-based authentication solution.
• Configure and deploy self-service password reset.
• Deploy and manage password protection.
• Implement and manage tenant restrictions.

Plan, Implement, and Administer Conditional Access

• Plan and implement default security settings.
• Plan conditional access policies.
• Implement conditional access policy controls and assignments (targeting, applications, and conditions).
• Test and troubleshoot conditional access policies.
• Implement application controls.
• Implement session management.
• Configure smart lockout thresholds.

Manage Microsoft Entra Identity Protection

• Implement and manage user risk policies.
• Implement and manage sign-in risk policies.
• Implement and manage MFA registration policies.
• Monitor, review, and remediate risky users.

Implement Access Management for Azure Resources

• Configure and use Azure roles in Microsoft Entra ID.
• Configure a managed identity and assign it to Azure resources.
• Analyze role permissions granted or inherited by a user.
• Configure data access in Azure Key Vault using RBAC.

Plan and Design Enterprise Application Integration for Single Sign-On

• Discover applications using Defender for Cloud Apps or the ADFS Applications Report.
• Design and implement access management for applications.
• Design and implement application management roles.
• Configure pre-integrated (gallery) SaaS applications.

Implement and Monitor Enterprise Application Integration for Single Sign-On

• Implement token customizations.
• Implement and configure consent settings.
• Integrate on-premises applications using Microsoft Entra Application Proxy.
• Integrate custom SaaS applications for single sign-on.
• Implement application user provisioning.
• Monitor and audit access/authentication for enterprise applications integrated with Microsoft Entra ID.

Implement Application Registration

• Plan your business application registration strategy.
• Implement application registrations.
• Configure application permissions.
• Plan and configure multi-tier application permissions.

Register Applications Using Microsoft Entra ID

• Explain the benefits of registering applications in Microsoft Entra ID.
• Compare and contrast single-tenant and multi-tenant applications.
• Describe what happens and the key settings when registering an application.
• Describe the relationship between application objects and service principals.

Plan and Implement Entitlement Management

• Define catalogs.
• Define access packages.
• Plan, implement, and manage entitlement management.
• Implement and manage terms of use.
• Manage the lifecycle of external users within Microsoft Entra ID governance settings.

Plan, Implement, and Manage Access Reviews

• Plan access reviews.
• Create access reviews for groups and applications.
• Monitor access review results.
• Manage licenses for access reviews.
• Automate management tasks for access reviews.
• Configure recurring access reviews.

Plan and Implement Privileged Access

• Define a privileged access strategy for administrative users (resources, roles, approvals, and thresholds).
• Configure Privileged Identity Management for Microsoft Entra roles.
• Configure Privileged Identity Management for Azure roles.
• Assign roles.
• Manage PIM requests.
• Analyze PIM audit history and reports.
• Create and manage break-glass accounts.

Monitor and Manage Microsoft Entra ID

• Analyze and investigate sign-in logs to troubleshoot access issues.
• Review and monitor Microsoft Entra audit logs.
• Enable and integrate Microsoft Entra diagnostic logs with Log Analytics/Azure Sentinel.
• Export sign-in and audit logs to a third-party SIEM tool.
• Review Microsoft Entra activities using Log Analytics/Azure Sentinel, excluding Kusto Query Language (KQL) usage.
• Analyze Microsoft Entra workbooks and reports.
• Configure notifications.

Explore the Features of Microsoft Entra Permissions Management

• Understand the features of Microsoft Entra Permissions Management.
• Explore how permissions management helps you discover, remediate, and monitor identities, permissions, and resources.
• Gain insights from data and analytics provided by permissions management.

Updated on: 09/02/2024

In this training, we mix theory with technical workshops to quickly make you operational. Additionally, each participant receives course materials at the end of the training.

One of our consultant trainers conducts the training. With solid field experience, they make the learning process both interactive and enriching.

For assessment, the trainer regularly asks questions and uses various methods to continuously measure your progress. This approach promotes a dynamic and engaging learning experience.

After the training, we ask you to complete a satisfaction questionnaire. Your feedback helps us to maintain and constantly improve the quality of our training.

Finally, we offer the flexibility to deliver this training both in-person and remotely, and it can be customized to meet your company’s specific needs upon request.

This training prepares you for the Microsoft certification exam “SC-300: Microsoft Identity and Access Administrator”. We recommend registering for the exam approximately one month after completing the training. The course materials and Labs provided during the training will help you properly review for your certification.

You can register for certification on the Microsoft site. If you would like to buy a certification voucher from us, or if you would like us to support you in this process, please contact us

You can register for one of our training courses up to two business days before it starts, if there are still available places and you signed quote.

If you have specific needs related to a disability, please do not hesitate to make a request; we are happy to adjust our services according to the type of disability.