Microsoft Identity and Access Administrator Training (SC-300)

The Microsoft Identity and Access Administrator course explores using Azure AD to design, implement, and operate an organization’s identity and access management systems. Learn to manage tasks such as providing secure authentication and authorization access to enterprise applications. You will also learn to provide seamless experiences and self-service management capabilities for all users. Finally, learn to create adaptive access and governance of your identity and access management solutions, ensuring you

Interested in attending? Have a suggestion about running this event near you?
Register your interest now


Module 1: Implement an identity management solution
Learn to create and manage your initial Azure Active Directory (Azure AD) implementation and configure the users, groups, and external identities you will use to run your solution.


Implement Initial configuration of Azure AD
Create, configure, and manage identities
Implement and manage external identities
Implement and manage hybrid identity
Lab: Manage user roles

Lab: Setting tenant-wide properties

Lab: Assign licenses to users

Lab: Restore or remove deleted users

Lab: Add groups in Azure AD

Lab: Change group license assignments

Lab: Change user license assignments

Lab: Configure external collaboration

Lab: Add guest users to the directory

Lab: Explore dynamic groups

After completing this module, students will be able to:

Deploy an initial Azure AD with custom settings
Manage both internal and external identities
Implement a hybrid identity solution

Module 2: Implement an authentication and access management solution
Implement and administer your access management using Azure AD. Use MFA, conditional access, and identity protection to manage your identity solution.


Secure Azure AD user with MFA
Manage user authentication
Plan, implement, and administer conditional access
Manage Azure AD identity protection
Lab: Enable Azure AD MFA

Lab: Configure and deploy self-service password reset (SSPR)

Lab: Work with security defaults

Lab: Implement conditional access policies, roles, and assignments

Lab: Configure authentication session controls

Lab: Manage Azure AD smart lockout values

Lab: Enable sign-in risk policy

Lab: Configure Azure AD MFA authentication registration policy

After completing this module, students will be able to:

Configure and manage user authentication, including MFA
Control access to resources using conditional access
Use Azure AD Identity Protection to protect your organization

Module 3: Implement access management for Apps
Explore how applications can and should be added to your identity and access solutions with application registration in Azure AD.


Plan and design the integration of enterprise for SSO
Implement and monitor the integration of enterprise apps for SSO
Implement app registration
Lab: Implement access management for apps

Lab: Create a custom role to manage app registration

Lab: Register an application

Lab: Grant tenant-wide admin consent to an application

Lab: Add app roles to applications and receive tokens

After completing this module, students will be able to:

Register a new application to your Azure AD
Plan and implement SSO for enterprise application
Monitor and maintain enterprise applications

Module 4: Plan and implement an identity governancy strategy
Design and implement identity governance for your identity solution using entitlement, access reviews, privileged access, and monitoring your Azure Active Directory (Azure AD).


Plan and implement entitlement management
Plan, implement, and manage access reviews
Plan and implement privileged access
Monitor and maintain Azure AD
Lab: Create and manage a resource catalog with Azure AD entitlement

Lab: Add terms of use acceptance report

Lab: Manage the lifecycle of external users with Azure AD identity governance

Lab: Create access reviews for groups and apps

Lab: Configure PIM for Azure AD roles

Lab: Assign Azure AD role in PIM

Lab: Assign Azure resource roles in PIM

Lab: Connect data from Azure AD to Azure Sentinel

After completing this module, students will be able to:

Manage and maintain Azure AD from creation to solution
Use access reviews to maintain your Azure AD
Grant access to users with entitlement management


  • Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.
  • Be familiar with identity concepts such as authentication, authorization, and active directory.
  • Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration. Instead, the course content builds on that knowledge by adding security-specific information.
  • Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.
  • Microsoft Security, Compliance, and Identity Fundamentals Training (SC-900) and Microsoft Azure Administrator Training (AZ-104)

Learning Outcomes

  • Implement an identity management solution.
  • Implement authentication and access management solutions.
  • Implement access management for apps.
  • Plan and implement an identity governance strategy.
  • Continue learning and face new challenges with after-course one-on-one instructor coaching.

Subscribe to Newsletter

Enter your email address to register to our newsletter subscription delivered on regular basis! 


© Copyright ICSI, Limited
(International CyberSecurity Institute) 2023