SC-300 Exam Study Guide (Microsoft Identity and Access Administrator)

SC-300 Microsoft Identity and Access Administrator Study Guide

SC-300 Preparation Details

Preparing for the SC-300 Microsoft Identity and Access Administrator exam? Don’t know where to start? This post is the SC-300 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of the SC-300 exam. Please share the post within your circles so it helps them to prepare for the exam.

Exam Voucher for SC-300 with 1 Retake

Get 40% OFF with the combo

SC-300 MS Identity & Access Administrator Prep

Pluralsight Configuring Identity and Access in Azure
LinkedIn Learning (Free trial) Manage Identity and Access in Azure
Udemy Microsoft Identity & Access Administrator

SC-300 Microsoft Identity & Access Admin Test

Whizlabs Exam Questions Microsoft Identity & Access Administrator Test
Udemy Practice Tests Latest Microsoft Exam Practice Questions
Amazon e-book (PDF) Identity & Access Management with Azure

Looking for SC-300 Dumps? Read This!

Using sc-300 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.

Check out all the other Azure certificate study guides

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.

Implement an Identity Management Solution (25-30%)

Implement Initial Configuration of Azure Active Directory

Configure and manage Azure AD directory roles

Understand roles in Azure Active Directory

Configure and manage Azure Active Directory roles

Configure and manage custom domains

Add a custom domain name to Azure Active Directory

Configure and manage custom domains

Configure and manage device registration options

Configure and manage device registration

Configure delegation by using administrative units

Administrative units in Azure Active Directory

Configure delegation by using administrative units

Configure tenant-wide settings

Configuration in a tenant

Configure tenant-wide setting

Azure certification Frequently Asked Questions

Create, Configure, and Manage Identities

Create, configure, and manage users

Create, configure, and manage users

Create and manage users

Create, configure, and manage groups

Create, configure, and manage groups

Create and manage groups

Manage licenses

Manage licenses

Implement and Manage External Identities

Manage external collaboration settings in Azure Active Directory

Manage external collaboration

Manage external collaboration settings in Azure AD

Invite external users (individually or in bulk)

Invite external users – individually and in bulk

Exercise: Invite guest users bulk

Demo: Invite guest users to the app

Manage external user accounts in Azure Active Directory

Manage external user accounts in Azure AD

Configure identity providers (social and SAML/WS-fed)

Configure identity providers

Implement and Manage Hybrid Identity

Implement and manage Azure Active Directory Connect (AADC)

Plan, design, and implement Azure Active Directory Connect (AADC)

Getting started with Azure AD Connect using express settings

Implement and manage Password Hash Synchronization (PHS)

What is password hash synchronization with Azure AD?

Implement & manage password hash synchronization (PHS)

Implement and manage Pass-Through Authentication (PTA)

What is Azure AD Pass-through Authentication?

Implement manage pass-through authentication (PTA)

Implement and manage seamless Single Sign-On (SSO)

Azure Active Directory Seamless Single Sign-On

Manage pass-through authentication & seamless single sign-on

Implement and manage Federation excluding manual ADFS deployments

Implement and manage federation

Implement and manage Azure Active Directory Connect Health

Implement Azure Active Directory Connect Health

Manage Azure Active Directory Connect Health

Troubleshoot synchronization errors

Trouble-shoot synchronization errors

sc-300 Mastering Identity and Access Management with Microsoft Azure

Amazon link (affiliate)

Implement an Authentication and Access Management Solution (25- 30%)

Plan and Implement Azure Multifactor Authentication (MFA)

Plan Azure MFA deployment (excluding MFA Server)

What is Azure AD Multi-Factor Authentication?

Plan your multi-factor authentication deployment

Implement and manage Azure MFA settings

Configure Azure AD MFA settings

Manage MFA settings for users

Configure users

Manage User Authentication

Administer authentication methods (FIDO2 / Passwordless)

Passwordless authentication options for Azure AD

Administer FIDO2 and passwordless authentication methods

Implement an authentication solution based on Windows Hello for Business

Windows Hello for Business & authentication

Implement authentication based on Windows Hello for Business

Configure and deploy self-service password reset

Deploy SSPR

Configure & deploy self-service password reset

Deploy and manage password protection

Deploy on-premises Azure AD password protection

Deploy & manage password protection

Implement and manage tenant restrictions

Use tenant restrictions to manage access to SaaS cloud apps

Implement & manage tenant restrictions

Plan, Implement, and Administer Conditional Access

Plan and implement security defaults

Plan security defaults

Work with security defaults

Plan conditional access policies

Conditional access policy

Implement conditional access policy controls and assignments (targeting, applications, and conditions)

Implement conditional access policies roles & assignments

Testing and troubleshooting conditional access policies

Test & troubleshoot conditional access policies

Implement application controls

Implement application controls

Implement session management

Implement session management

Configure smart lockout thresholds

Configure smart lockout thresholds

Manage Azure AD Identity Protection

Implement and manage a user risk policy

Implement & manage user risk policy

Enable user risk policy

Implement and manage sign-in risk policies

Enable sign-in risk policy

Implement and manage MFA registration policy

Azure AD Multi-Factor Authentication registration policy

Configure Azure AD MFA registration policy

Monitor, investigate, and remediate elevated risky users

Monitor, investigate, & remediate elevated risky users

Implement Access Management for Apps (10-15%)

Plan, Implement and Monitor the Integration of Enterprise Apps for Single Sign-on (SSO)

Implement and configure consent settings

Configure how end-users consent to applications

Implement and configure consent settings

Discover apps by using MCAS or ADFS app report

Discover apps by using MCAS & ADFS report

Design and implement access management for apps

Exercise: Implement access management for apps

Design and implement app management roles

Design & implement app management roles

Monitor and audit access/sign-on to Azure Active Directory-integrated enterprise applications

Monitor & audit access to Azure AD integrated apps

Implement token customizations

Implement token customizations

Integrate on-premises apps by using Azure AD application proxy

Add an on-premises app through Application Proxy in Azure AD

Integrate on-premises apps by using Azure AD app proxy

Integrate custom SaaS apps for SSO

Integrate custom SaaS apps for single sign-on

Integrate Azure AD SSO with SaaS apps

Configure pre-integrated (gallery) SaaS apps

Configure pre-integrated gallery SaaS apps

Implement application user provisioning

What is automated SaaS app user provisioning in Azure AD?

Implement application user provisioning

Implement App Registrations

Plan your line of business application registration strategy

Plan your line of business app registration strategy

Implement application registrations

Implement app registration

Exercise: register an application

Configure application permissions

Configure application permission

Implement application authorization

Implement application authorization

Plan and configure multi-tier application permissions

Sign in an Azure AD user using the multi-tenant application pattern

Plan and Implement an Identity Governance Strategy (25-30%)

Plan and Implement Entitlement Management

Define catalogs

Catalogs, What are they?

Define access packages

Define access packages

What are access packages and what resources can I manage with them?

Plan, implement and manage entitlements

Configure entitlement management

Implement and manage terms of use

Exercise: Add terms of use acceptance report

Manage the lifecycle of external users in Azure AD Identity Governance settings

Manage the lifecycle of external users with Azure AD identity governance

Plan, Implement and Manage Access Reviews

Plan for access reviews

Plan for access reviews

Planning Azure AD access reviews deployment

Create access reviews for groups and apps

Create access reviews for groups and apps

Monitor access review findings

Monitor access review findings

Monitor access reviews

Manage licenses for access reviews

Manage licenses for access reviews

Automate access review management tasks

Automate access review management tasks

Configure recurring access reviews

Create one or more access reviews

Configure recurring access reviews

Plan and Implement Privileged Access

Define a privileged access strategy for administrative users (resources, roles, approvals, thresholds)

Define a privileged access strategy for administrative users

Configure Privileged Identity Management for Azure AD roles

Configure PIM for Azure AD roles

Configure Privileged Identity Management for Azure resources

Configure PIM for Azure resources

Assign roles

Assign Azure AD roles in PIM

Assign Azure resource roles in PIM

Manage PIM requests

Approve/deny requests for Azure AD roles in PIM

Analyze PIM audit history and reports

Analyze PIM audit history & reports

View audit history for Azure AD roles in PIM

Create and manage break-glass accounts

Create and manage emergency access accounts

Manage emergency access accounts in Azure AD

Monitor and Maintain Azure Active Directory

Analyze and investigate sign-in logs to troubleshoot access issues

Analyze & investigate sign-in logs to troubleshoot access issues

Review and monitor Azure AD audit logs

Review & monitor Azure AD audit logs

Enable and integrate Azure AD diagnostic logs with Log Analytics / Azure Sentinel

Connect data from Azure AD to Azure Sentinel

Export sign-in and audit logs to a third-party SIEM

Export logs to 3rd party SIEM system

Review Azure AD activity by using Log Analytics / Azure Sentinel, excluding KQL use

Analyze Azure AD activity logs with Azure Monitor logs

Connect data from Azure AD to Sentinel

Analyze Azure Active Directory workbooks/reporting

Use Azure Monitor workbooks for Azure AD reports

Analyze Azure AD workbooks & reporting

Configure notifications

Configure email notifications

Configure notifications

This brings us to the end of the SC-300 Microsoft Identity and Access Administrator exam study guide.

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are preparing for other Azure certification exams, check out the Azure study guide for those exams.

Follow Me to Receive Updates on SC-300 Exam


Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the SC-300 Study Guide in Your Network

You may also like