SC-300: Microsoft Identity and Access Administrator Course Overview:

This Microsoft Identity and Access Administrator certification training course from CloudThat teaches candidates how to design, implement, and operate an organization’s identity and access management systems using Azure Active Directory (Azure AD). Candidates taking up this Azure SC-300 course also learn how to secure authentication and authorization access to enterprise applications and provide seamless experiences and self-service management capabilities to all users. An Identity and Access Administrator Associate is also responsible for monitoring, troubleshooting, and reporting on the identity and access environment.


After completing SC-300 Training, students will be able to

  • Implement an identity management solution
  • Implement an authentication and access management solutions
  • Implement access management for apps
  • Plan and implement an identity governance strategy

Upcoming Batches

Enroll Online
Start Date End Date



SC-300 Certification Key Features:

  • Our Microsoft SC-300 training modules have 50% -60% hands-on lab sessions to encourage Thinking-Based Learning (TBL).
  • Interactive-rich virtual and face-to-face classroom teaching to inculcate Problem-Based Learning (PBL).
  • Microsoft certified instructor-led training and mentoring sessions to develop Competency-Based Learning (CBL).
  • Well-structured use-cases to simulate challenges encountered in a Real-World environment.
  • Integrated teaching assistance and support through experts designed Learning Management System (LMS) and ExamReady platform.
  • Being a Microsoft Learning Partner provides us with the edge over competition.

Who should attend this SC-300 Certification Training?

  • The SC-300: Microsoft Identity and Access Administrator certification training is designed for individuals responsible for designing, implementing, and operating identity and access management systems using Azure AD. This training is suitable for professionals who manage tasks such as providing secure authentication and authorization access to enterprise applications, ensuring seamless user experiences, and implementing self-service management capabilities. Adaptive access and governance are key components of this role, making it ideal for individuals who oversee troubleshooting, monitoring, and reporting for identity and access environments. Whether working independently or as part of a larger team, attendees of this certification training collaborate with various roles within the organization to drive strategic identity projects, modernize identity solutions, implement hybrid identity solutions, and enforce identity governance.

What are the prerequisites for the training?

  • Security best practices and industry security requirements such as defense in depth, least privileged access, shared responsibility, and zero trust model.
  • Be familiar with identity concepts such as authentication, authorization, and active directory.
  • Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
  • Some experience with Windows and Linux operating systems and scripting languages is helpful but not required. Course labs may use PowerShell and the CLI.

SC-300 Training Course Oultine: Download Course Outline

Configure and manage an Azure AD tenant

  • Configure and manage Azure AD roles
  • Configure delegation by using administrative units
  • Analyze Azure AD role permissions
  • Configure and manage custom domains
  • Configure tenant-wide settings

Create, configure, and manage Azure AD identities

  • Create, configure, and manage users
  • Create, configure, and manage groups
  • Configure and manage device join and registration, including writeback
  • Assign, modify, and report on licenses

Implement and manage external identities

  • Manage external collaboration settings in Azure AD
  • Invite external users, individually or in bulk
  • Manage external user accounts in Azure AD
  • Configure identity providers, including SAML or WS-fed

Implement and manage hybrid identity

  • Implement and manage Azure AD Connect
  • Implement and manage Azure AD Connect cloud sync
  • Implement and manage Password Hash Synchronization (PHS)
  • Implement and manage Pass-Through Authentication (PTA)
  • Implement and manage seamless Single Sign-On (SSO)
  • Implement and manage Federation, excluding manual AD FS deployments
  • Implement and manage Azure AD Connect Health
  • Troubleshoot synchronization errors

Plan, implement, and manage Azure Multifactor Authentication (MFA) and self-service password reset

  • Plan Azure MFA deployment, excluding MFA Server
  • Configure and deploy self-service password reset
  • Implement and manage Azure MFA settings
  • Manage MFA settings for users
  • Extend Azure AD MFA to third party and on-premises devices
  • Monitor Azure AD MFA activity

Plan, implement, and manage Azure AD user authentication

  • Plan for authentication
  • Implement and manage authentication methods
  • Implement and manage Windows Hello for Business
  • Implement and manage password protection and smart lockout
  • Implement certificate-based authentication in Azure AD
  • Configure Azure AD user authentication for Windows and Linux virtual machines on Azure

Plan, implement, and manage Azure AD conditional access

  • Plan conditional access policies
  • Implement conditional access policy assignments
  • Implement conditional access policy controls
  • Test and troubleshoot conditional access policies
  • Implement session management
  • Implement device-enforced restrictions
  • Implement continuous access evaluation
  • Create a conditional access policy from a template

Manage Azure AD Identity Protection

  • Implement and manage a user risk policy
  • Implement and manage sign-in risk policy
  • Implement and manage MFA registration policy
  • Monitor, investigate and remediate risky users
  • Implement security for workload identities

Implement access management for Azure resources

  • Assign Azure roles
  • Configure custom Azure roles
  • Create and configure managed identities
  • Use managed identities to access Azure resources
  • Analyze Azure role permissions
  • Configure Azure Key Vault RBAC and policies

Manage and monitor application access by using Microsoft Defender for Cloud Apps

  • Discover and manage apps by using Microsoft Defender for Cloud Apps
  • Configure connectors to apps
  • Implement application-enforced restrictions
  • Configure conditional access app control
  • Create access and session policies in Microsoft Defender for Cloud Apps
  • Implement and manage policies for OAUTH apps

Plan, implement, and monitor the integration of Enterprise applications

  • Configure and manage user and admin consent
  • Discover apps by using ADFS application activity reports
  • Design and implement access management for apps
  • Design and implement app management roles
  • Monitor and audit activity in enterprise applications
  • Design and implement integration for on-premises apps by using Azure AD Application Proxy
  • Design and implement integration for SaaS apps
  • Provision and manage users, groups, and roles on Enterprise applications 
  • Create and manage application collections

Plan and implement application registrations

  • Plan for application registrations
  • Implement application registrations
  • Configure application permissions
  • Implement application authorization
  • Plan and configure multi-tier application permissions
  • Manage and monitor applications by using App governance

Plan and implement entitlement management

  • Plan entitlements
  • Create and configure catalogs
  • Create and configure access packages
  • Manage access requests
  • Implement and manage terms of use
  • Manage the lifecycle of external users in Azure AD Identity Governance Settings
  • Configure and manage connected organizations
  • Review per-user entitlements by using Azure AD Entitlement management

Plan, implement, and manage access reviews

  • Plan for access reviews
  • Create and configure access reviews for groups and apps
  • Create and configure access review programs
  • Monitor access review activity
  • Respond to access review activity, including automated and manual responses

Plan and implement privileged access

  • Plan and manage Azure roles in Privileged Identity Management (PIM), including settings and assignments
  • Plan and manage Azure resources in PIM, including settings and assignments
  • Plan and configure Privileged Access groups
  • Manage PIM requests and approval process
  • Analyze PIM audit history and reports
  • Create and manage break-glass accounts

Monitor Azure AD

  • Design a strategy for monitoring Azure AD
  • Review and analyze sign-in, audit, and provisioning logs by using the Azure Active Directory admin center
  • Configure diagnostic settings, including Log Analytics, storage accounts, and Event Hub
  • Monitor Azure AD by using Log Analytics, including KQL queries
  • Analyze Azure AD by using workbooks and reporting in the Azure Active Directory admin center
  • Monitor and improve the security posture by using the Identity Secure Score


    • By earning SC300 Azure certification, you can design, implement, and operate an organization’s identity and access management systems by using Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra.
    • You will be able to implement identities in Azure AD, implement authentication and access management, implement access management for applications, and plan and implement identity governance in Azure AD.
    • On successful completion of Microsoft SC-300 exam training, aspirants receive a Course Completion Certificate from us.
    • By successfully clearing the SC-300 exam, aspirants earn Microsoft Certification.

Course Fee

Select Course date

Add to Wishlist

Course ID: 13529

Course Price at

$1599 + 0% TAX
Enroll Now
Enquire Now