This comprehensive study guide is your essential companion for preparing for the Microsoft Identity and Access Administrator (SC-300) exam. Designed to equip you with the knowledge and skills required to excel in this critical role, this guide provides a clear roadmap to understanding and implementing robust identity and access management solutions using Microsoft Entra.

Who is this guide for?

This guide is tailored for aspiring and current Microsoft Identity and Access Administrators. If your responsibilities include designing, implementing, and operating an organization’s identity and access management infrastructure with Microsoft Entra, this guide is for you. You'll learn to configure and manage identities throughout their lifecycles for users, devices, Azure resources, and applications, ensuring the application of Zero Trust principles.

As an Identity and Access Administrator, you are instrumental in providing seamless user experiences and self-service capabilities. You’ll gain expertise in planning and implementing identity, authentication, and authorization to enable secure access across diverse applications and resources. Furthermore, this guide will enhance your ability to troubleshoot, monitor, and report on identity and access, collaborating effectively with other organizational roles to drive strategic identity projects, modernize solutions, implement hybrid identity, and enforce identity governance.

What you will learn:

This study guide breaks down the SC-300 exam objectives into manageable sections, covering key areas such as:

• Implementing and Managing User Identities (20–25%):

  • Configuring and managing your Microsoft Entra tenant, including roles, administrative units, domains, and company branding.

  • Creating, configuring, and managing Microsoft Entra identities, users, and groups, including bulk operations and custom security attributes.

  • Managing device join and registration in Microsoft Entra ID.

  • Implementing and managing identities for external users and tenants, including cross-tenant collaboration and synchronization.

  • Implementing and managing hybrid identity solutions, including Microsoft Entra Connect Sync, Cloud Sync, and various authentication methods.

• Implementing Authentication and Access Management (25–30%):

  • Planning, implementing, and managing Microsoft Entra user authentication, including various authentication methods, MFA, and SSPR.

  • Planning, implementing, and managing Microsoft Entra Conditional Access policies, including controls, session management, and continuous access evaluation.

  • Managing risk with Microsoft Entra ID Protection, including user and sign-in risk policies, and remediation.

  • Implementing Global Secure Access for enhanced network security.

• Planning and Implementing Workload Identities (20–25%):

  • Planning and implementing identities for applications and Azure workloads, including managed identities and service principals.

  • Planning, implementing, and monitoring the integration of enterprise applications, including on-premises and SaaS apps.

  • Managing and monitoring app access using Microsoft Defender for Cloud Apps.

• Planning and Automating Identity Governance (20–25%):

  • Planning and implementing entitlement management in Microsoft Entra, including access packages and terms of use.

  • Planning and implementing privileged access using Microsoft Entra Privileged Identity Management (PIM) for roles and Azure resources.