SC-300
https://learn.microsoft.com/en-us/credentials/certifications/resources/study-guides/sc-300Embedded Files
Skills at a glance - Heading
Skills at a glance - Heading
Implement and manage user identities (20–25%)
Implement authentication and access management (25–30%)
Plan and implement workload identities (20–25%)
Plan and automate identity governance (20–25%)
Skills at a glance - Heading with Subheading
Skills at a glance - Heading with Subheading
Implement and manage user identities
1.1 Configure and manage a Microsoft Entra tenant
1.2 Create, configure, and manage Microsoft Entra identities
1.3 Implement and manage identities for external users and tenants
1.4 Implement and manage hybrid identity
Implement authentication and access management
2.1 Plan, implement, and manage Microsoft Entra user authentication
2.2 Plan, implement, and manage Microsoft Entra Conditional Access
2.3 Manage risk by using Microsoft Entra ID Protection
2.4 Implement Global Secure Access
Plan and implement workload identities
3.1 Plan and implement identities for applications and Azure workloads
3.2 Plan, implement, and monitor the integration of enterprise applications
3.3 Plan and implement app registrations
3.4 Manage and monitor app access by using Microsoft Defender for Cloud Apps
Plan and automate identity governance
4.1 Plan and implement entitlement management in Microsoft Entra
4.2 Plan, implement, and manage access reviews in Microsoft Entra
4.3 Plan and implement privileged access
4.4 Monitor identity activity by using logs, workbooks, and reports
- Implement and manage user identities
1.1 Configure and manage a Microsoft Entra tenant
1.1 Configure and manage a Microsoft Entra tenant
Configure and manage built-in and custom Microsoft Entra roles
Recommend when to use administrative units
Configure and manage administrative units
Evaluate effective permissions for Microsoft Entra roles
Configure and manage domains in Microsoft Entra ID and Microsoft 365
Configure Company branding settings
Configure tenant properties, user settings, group settings, and device settings
1.2 Create, configure, and manage Microsoft Entra identities
1.2 Create, configure, and manage Microsoft Entra identities
Create, configure, and manage users
Create, configure, and manage groups
Manage custom security attributes
Automate bulk operations by using the Microsoft Entra admin center and PowerShell
Manage device join and device registration in Microsoft Entra ID
Assign, modify, and report on licenses
1.3 Implement and manage identities for external users and tenants
1.3 Implement and manage identities for external users and tenants
Manage External collaboration settings in Microsoft Entra ID
Invite external users, individually or in bulk
Manage external user accounts in Microsoft Entra ID
Implement Cross-tenant access settings
Implement and manage cross-tenant synchronization
Configure external identity providers, including protocols such as SAML and WS-Fed
1.4 Implement and manage hybrid identity
1.4 Implement and manage hybrid identity
Implement and manage Microsoft Entra Connect Sync
Implement and manage Microsoft Entra Cloud Sync
Implement and manage password hash synchronization (PHS)
Implement and manage pass-through authentication (PTA)
Implement and manage seamless single sign-on (SSO)
Migrate from AD FS to other authentication and authorization mechanisms
Implement and manage Microsoft Entra Connect Health
- Implement authentication and access management
2.1 Plan, implement, and manage Microsoft Entra user authentication
2.1 Plan, implement, and manage Microsoft Entra user authentication
Plan for authentication
Implement and manage authentication methods, including certificate-based, temporary access pass, OAUTH tokens, Microsoft Authenticator, and passkey (FIDO2)
Implement and manage tenant-wide multifactor authentication (MFA) settings
Configure and deploy self-service password reset (SSPR)
Implement and manage Windows Hello for Business
Disable accounts and revoke user sessions
Implement and manage Microsoft Entra password protection
Enable Microsoft Entra Kerberos authentication for hybrid identities
2.2 Plan, implement, and manage Microsoft Entra Conditional Access
2.2 Plan, implement, and manage Microsoft Entra Conditional Access
Plan Conditional Access policies
Implement Conditional Access policy assignments
Implement Conditional Access policy controls
Test and troubleshoot Conditional Access policies
Implement session management
Implement device-enforced restrictions
Implement continuous access evaluation
Configure authentication context
Implement protected actions
Create a Conditional Access policy from a template
2.3 Manage risk by using Microsoft Entra ID Protection
2.3 Manage risk by using Microsoft Entra ID Protection
Implement and manage user risk by using Identity Protection or Conditional Access policies
Implement and manage sign-in risk by using Identity Protection or Conditional Access policies
Implement and manage Multifactor authentication registration policy
Monitor, investigate and remediate risky users and risky sign-ins
Monitor, investigate, and remediate risky workload identities
2.4 Implement Global Secure Access
2.4 Implement Global Secure Access
Deploy Global Secure Access clients
Deploy and manage Private Access
Deploy and manage Internet Access
Deploy and manage Internet Access for Microsoft 365
- Plan and implement workload identities
3.1 Plan and implement identities for applications and Azure workloads
3.1 Plan and implement identities for applications and Azure workloads
Select appropriate identities for applications and Azure workloads, including managed identities, service principals, user accounts, and managed service accounts
Create managed identities
Assign a managed identity to an Azure resource
Use a managed identity assigned to an Azure resource to access other Azure resources
3.2 Plan, implement, and monitor the integration of enterprise applications
3.2 Plan, implement, and monitor the integration of enterprise applications
Plan and implement settings for enterprise applications, including application-level and tenant-level settings
Assign appropriate Microsoft Entra roles to users to manage enterprise applications
Design and implement integration for on-premises apps by using Microsoft Entra Application Proxy
Design and implement integration for software as a service (SaaS) apps
Assign, classify, and manage users, groups, and app roles for enterprise applications
Configure and manage user and admin consent
Create and manage application collections
3.3 Plan and implement app registrations
3.3 Plan and implement app registrations
Plan for app registrations
Create app registrations
Configure app authentication
Configure API permissions
Create app roles
3.4 Manage and monitor app access by using Microsoft Defender for Cloud Apps
3.4 Manage and monitor app access by using Microsoft Defender for Cloud Apps
Configure and analyze cloud discovery results by using Defender for Cloud Apps
Configure connected apps
Implement application-enforced restrictions
Configure Conditional Access app control
Create access and session policies in Defender for Cloud Apps
Implement and manage policies for OAuth apps
Manage the Cloud app catalog
- Plan and automate identity governance
4.1 Plan and implement entitlement management in Microsoft Entra
4.1 Plan and implement entitlement management in Microsoft Entra
Plan entitlements
Create and configure catalogs
Create and configure access packages
Manage access requests
Implement and manage terms of use (ToU)
Manage the lifecycle of external users
Configure and manage connected organizations
4.2 Plan, implement, and manage access reviews in Microsoft Entra
4.2 Plan, implement, and manage access reviews in Microsoft Entra
Plan for access reviews
Create and configure access reviews
Monitor access review activity
Manually respond to access review activity
4.3 Plan and implement privileged access
4.3 Plan and implement privileged access
Plan and manage Microsoft Entra roles in Microsoft Entra Privileged Identity Management (PIM), including settings and assignments
Plan and manage Azure resources in PIM, including settings and assignments
Plan and configure groups managed by PIM
Manage the PIM request and approval process
Analyze PIM audit history and reports
Create and manage break-glass accounts
4.4 Monitor identity activity by using logs, workbooks, and reports
4.4 Monitor identity activity by using logs, workbooks, and reports
Review and analyze sign-in, audit, and provisioning logs by using the Microsoft Entra admin center
Configure diagnostic settings, including configuring destinations such as Log Analytics workspaces, storage accounts, and event hubs
Monitor Microsoft Entra ID by using KQL queries in Log Analytics
Analyze Microsoft Entra ID by using workbooks and reporting
Monitor and improve the security posture by using Identity Secure Score
Google Sites
Report abuse