{"id":36129,"date":"2024-08-30T17:00:00","date_gmt":"2024-08-30T11:30:00","guid":{"rendered":"https:\/\/www.testpreptraining.com\/blog\/?p=36129"},"modified":"2024-09-02T10:49:39","modified_gmt":"2024-09-02T05:19:39","slug":"microsoft-sc-300-exam-updates-2024","status":"publish","type":"post","link":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/","title":{"rendered":"Microsoft SC-300 Exam Updates [2024]"},"content":{"rendered":"\n<p>The Microsoft SC-300 Exam: Identity and Access Administrator certification has recently undergone significant updates in 2024, introducing new content areas and restructuring existing ones. These changes reflect the evolving landscape of identity and access management within Microsoft environments, particularly with the introduction of Microsoft Entra Permissions Management and cross-tenant settings and synchronization. One of the most notable changes is the shift from the Azure AD naming convention to the Entra branding, signaling a broader focus on comprehensive identity solutions beyond just Azure Active Directory.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Key Updates and Additions<\/strong><\/h4>\n\n\n\n<p>The most significant update in the Microsoft SC-300 exam is the addition of Entra Permissions Management. This new topic expands the scope of the exam to cover advanced identity management features that are crucial in today\u2019s security-conscious IT environments. The focus on cross-tenant settings and synchronization is another vital addition, as it reflects the increasing need for organizations to manage identities across multiple cloud environments and tenants. In line with these updates, the exam has also undergone a restructuring, with a more defined focus on the Entra ecosystem.<\/p>\n\n\n\n<figure class=\"wp-block-table aligncenter\"><table><tbody><tr><td><strong>SC-300 Previous Course Outline<\/strong><\/td><td><strong>SC-300 Updated Course Outline<\/strong><\/td><\/tr><tr><td><strong>Module 1 &#8211; Understanding and Implementing identities in Azure AD (20\u201325%)<\/strong><\/td><td><strong>Domain 1- Understanding to implement and manage user identities (20\u201325%)<\/strong><\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>1.1 Learn to Configure and manage an Azure AD tenant<\/em><\/td><td><em>1.1 Explain to configure and manage a Microsoft Entra tenant<\/em><\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Configure and manage Azure AD roles<\/td><td>Learn to configure and manage built-in and custom Microsoft Entra roles<\/td><\/tr><tr><td>Explain to Configure delegation by using administrative units<\/td><td>Learn to&nbsp;recommend when to use administrative units<\/td><\/tr><tr><td>Explain to Analyze Azure AD role permissions<\/td><td>Learn to&nbsp;configure and manage administrative units<\/td><\/tr><tr><td>Explain to Configure and manage custom domains<\/td><td>Learn to&nbsp;evaluate effective permissions for Microsoft Entra roles<\/td><\/tr><tr><td>Explain to Configure tenant-wide settings<\/td><td>Learn to&nbsp;configure and manage domains in Microsoft Entra ID and Microsoft 365<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;configure Company branding settings<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;configure tenant properties, user settings, group settings, and device settings<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>1.2 Learn to Create, configure, and manage Azure AD identities<\/em><\/td><td><em>1.2 Explain to create, configure, and manage Microsoft Entra identities<\/em><\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Create, configure, and manage users<\/td><td>Learn to&nbsp;create, configure, and manage users<\/td><\/tr><tr><td>Explain to Create, configure, and manage groups<\/td><td>Learn to&nbsp;create, configure, and manage groups<\/td><\/tr><tr><td>Explain to Configure and manage device join and registration, including writeback<\/td><td>Learn to&nbsp;manage custom security attributes<\/td><\/tr><tr><td>Explain to Assign, modify, and report on licenses<\/td><td>Learn to&nbsp;automate bulk operations by using the Microsoft Entra admin center and PowerShell<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;manage device join and device registration in Microsoft Entra ID<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;assign, modify, and report on licenses<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>1.3 Learn to Implement and manage external identities<\/em><\/td><td><em>1.3 Explain to implement and manage identities for external users and tenants<\/em><\/td><\/tr><tr><td>Explain to Manage external collaboration settings in Azure AD<\/td><td>Learn to&nbsp;manage External collaboration settings in Microsoft Entra ID<\/td><\/tr><tr><td>Explain to Invite external users, individually or in bulk<\/td><td>Learn to&nbsp;invite external users, individually or in bulk<\/td><\/tr><tr><td>Explain to Manage external user accounts in Azure AD<\/td><td>Learn to&nbsp;manage external user accounts in Microsoft Entra ID<\/td><\/tr><tr><td>Explain to Configure identity providers, including SAML or WS-Fed<\/td><td>Learn to&nbsp;implement Cross-tenant access settings<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;implement and manage cross-tenant synchronization<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;configure external identity providers, including protocols such as SAML and WS-Fed<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>1.4 Learn to Implement and manage hybrid identity<\/em><\/td><td><em>1.4 Explain to implement and manage hybrid identity<\/em><\/td><\/tr><tr><td>Explain to Implement and manage Azure AD Connect<\/td><td>Learn to&nbsp;implement and manage Microsoft Entra Connect Sync<\/td><\/tr><tr><td>Explain to Implement and manage Azure AD Connect cloud sync<\/td><td>Learn to&nbsp;implement and manage Microsoft Entra Cloud Sync<\/td><\/tr><tr><td>Explain to Implement and manage Password Hash Synchronization (PHS)<\/td><td>Learn to&nbsp;implement and manage password hash synchronization<\/td><\/tr><tr><td>Explain to Implement and manage Pass-Through Authentication (PTA)<\/td><td>Learn to&nbsp;implement and manage pass-through authentication<\/td><\/tr><tr><td>Explain to Implement and manage seamless Single Sign-On (SSO)<\/td><td>Learn to&nbsp;implement and manage seamless single sign-on (SSO)<\/td><\/tr><tr><td>Explain to Implement and manage Federation, excluding manual AD FS deployments<\/td><td>Learn to&nbsp;migrate from AD FS to other authentication and authorization mechanisms<\/td><\/tr><tr><td>Explain to Implement and manage Azure AD Connect Health<\/td><td>Learn to&nbsp;implement and manage Microsoft Entra Connect Health<\/td><\/tr><tr><td>Explain to Troubleshoot synchronization errors<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><strong>Module 2 &#8211; Understanding and Implementing authentication and access management (25\u201330%)<\/strong><\/td><td><strong>Domain 2 &#8211; Understanding to Implement authentication and access management (25\u201330%)<\/strong><\/td><\/tr><tr><td><em>2.1 Learn to Plan, implement, and manage Azure Multifactor Authentication (MFA) and self-service password reset<\/em><\/td><td><em>2.1 Explain to Plan, implement, and manage Microsoft Entra user authentication<\/em><\/td><\/tr><tr><td>Explain to Plan Azure MFA deployment, excluding MFA Server<\/td><td>Learn to&nbsp;plan for authentication<\/td><\/tr><tr><td>Explain to Configure and deploy self-service password reset<\/td><td>Learn to&nbsp;implement and manage authentication methods, including certificate-based, temporary access pass, OAUTH tokens, Microsoft Authenticator, and FIDO2<\/td><\/tr><tr><td>Explain to Implement and manage Azure MFA settings<\/td><td>Learn to&nbsp;implement and manage tenant-wide Multi-factor Authentication (MFA) settings<\/td><\/tr><tr><td>Explain to Manage MFA settings for users<\/td><td>Learn to&nbsp;configure and deploy self-service password reset (SSPR)<\/td><\/tr><tr><td>Explain to Extend Azure AD MFA to third party and on-premises devices<\/td><td>Learn to&nbsp;implement and manage Windows Hello for Business<\/td><\/tr><tr><td>Explain to Monitor Azure AD MFA activity<\/td><td>Learn to&nbsp;disable accounts and revoke user sessions<\/td><\/tr><tr><td>Explain to Plan, implement, and manage Azure AD user authentication<\/td><td>Learn to&nbsp;implement and manage Microsoft Entra password protection<\/td><\/tr><tr><td>Explain to Plan for authentication<\/td><td>Learn to enable Microsoft Entra Kerberos authentication for hybrid identities<\/td><\/tr><tr><td>Explain to Implement and manage authentication methods<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Implement and manage Windows Hello for Business<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Implement and manage password protection and smart lockout<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Implement certificate-based authentication in Azure AD<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Configure Azure AD user authentication for Windows and Linux virtual machines on Azure<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>2.2 Learn to Plan, implement, and manage Azure AD conditional access<\/em><\/td><td><em>2.2 Explain to plan, implement, and manage Microsoft Entra Conditional Access<\/em><\/td><\/tr><tr><td>Explain to Plan conditional access policies<\/td><td>Learn to&nbsp;plan Conditional Access policies<\/td><\/tr><tr><td>Explain to Implement conditional access policy assignments<\/td><td>Learn to&nbsp;implement Conditional Access policy assignments<\/td><\/tr><tr><td>Explain to Implement conditional access policy controls<\/td><td>Learn to&nbsp;implement Conditional Access policy controls<\/td><\/tr><tr><td>Explain to Test and troubleshoot conditional access policies<\/td><td>Learn to&nbsp;test and troubleshoot Conditional Access policies<\/td><\/tr><tr><td>Explain to Implement session management<\/td><td>Learn to&nbsp;implement session management<\/td><\/tr><tr><td>Explain to Implement device-enforced restrictions<\/td><td>Learn to&nbsp;implement device-enforced restrictions<\/td><\/tr><tr><td>Explain to&nbsp; Implement continuous access evaluation<\/td><td>Learn to&nbsp;implement continuous access evaluation<\/td><\/tr><tr><td>Explain to Create a conditional access policy from a template<\/td><td>Learn to&nbsp;configure authentication context<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;implement protected actions<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;create a Conditional Access policy from a template<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>2.3 Learn to Manage Azure AD Identity Protection<\/em><\/td><td><em>2.3 Explain to manage risk by using Microsoft Entra ID Protection<\/em><\/td><\/tr><tr><td>Explain to Implement and manage a user risk policy<\/td><td>Learn to&nbsp;implement and manage user risk by using Identity Protection or Conditional Access policies<\/td><\/tr><tr><td>Explain to Implement and manage sign-in risk policy<\/td><td>Learn to&nbsp;implement and manage sign-in risk by using Identity Protection or Conditional Access policies<\/td><\/tr><tr><td>Explain to Implement and manage MFA registration policy<\/td><td>Learn to&nbsp;implement and manage Multifactor authentication registration policies<\/td><\/tr><tr><td>Explain to Monitor, investigate and remediate risky users<\/td><td>Learn to&nbsp;monitor, investigate and remediate risky users and risky sign-ins<\/td><\/tr><tr><td>Explain to Implement security for workload identities<\/td><td>Learn to&nbsp;monitor, investigate, and remediate risky workload identities<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>2.4 Learn to Implement access management for Azure resources<\/em><\/td><td><em>2.4 Explain to implement access management for Azure resources by using Azure roles<\/em><\/td><\/tr><tr><td>Explain to Assign Azure roles<\/td><td>Learn to&nbsp;create custom Azure roles, including both control plane and data plane permissions<\/td><\/tr><tr><td>Explain to Configure custom Azure roles<\/td><td>Learn to&nbsp;assign built-in and custom Azure roles<\/td><\/tr><tr><td>Explain to Create and configure managed identities<\/td><td>Learn to&nbsp;evaluate effective permissions for a set of Azure roles<\/td><\/tr><tr><td>Explain to Use managed identities to access Azure resources<\/td><td>Learn to&nbsp;assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines<\/td><\/tr><tr><td>Explain to Analyze Azure role permissions<\/td><td>Learn to&nbsp;configure Azure Key Vault role-based access control (RBAC) and access policies<\/td><\/tr><tr><td>Explain to Configure Azure Key Vault RBAC and policies<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td><em>2.5 Explain to implement Global Secure Access<\/em><\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;deploy Global Secure Access clients<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;deploy Private Access<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;deploy Internet Access<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to&nbsp;deploy Internet Access for Microsoft 365<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><strong>Module 3 &#8211; Understanding and Implement access management for applications (15\u201320%)<\/strong><\/td><td><strong>Domain 3 &#8211; Understanding to plan and implement workload identities (20\u201325%)<\/strong><\/td><\/tr><tr><td><em>3.1 Learn to Manage and monitor application access by using Microsoft Defender for Cloud Apps<\/em><\/td><td><em>3.1 Explain to plan and implement identities for applications and Azure workloads<\/em><\/td><\/tr><tr><td>Explain to Discover and manage apps by using Microsoft Defender for Cloud Apps<\/td><td>Learn to select appropriate identities for applications and Azure workloads (Including managed identities, service principals, user accounts, and managed service accounts)<\/td><\/tr><tr><td>Explain to Configure connectors to apps<\/td><td>Learn to create managed identities<\/td><\/tr><tr><td>Explain to Implement application-enforced restrictions<\/td><td>Learn to assign a managed identity to an Azure resource<\/td><\/tr><tr><td>Explain to Configure conditional access app control<\/td><td>Learn to use a managed identity assigned to an Azure resource to access other Azure resources<\/td><\/tr><tr><td>Explain to Create access and session policies in Microsoft Defender for Cloud Apps<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Implement and manage policies for OAUTH apps<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>3.2 Learn to Plan, implement, and monitor the integration of Enterprise applications<\/em><\/td><td><em>3.2 Explain to plan, implement, and monitor the integration of enterprise applications<\/em><\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to plan and implement settings for enterprise applications, including application-level and tenant-level settings<\/td><\/tr><tr><td>Explain to Configure and manage user and admin consent<\/td><td>Learn to assign appropriate Microsoft Entra roles to users to manage enterprise applications<\/td><\/tr><tr><td>Explain to Discover apps by using ADFS application activity reports<\/td><td>Learn to design and implement integration for on-premises apps by using Microsoft Entra Application Proxy<\/td><\/tr><tr><td>Explain to Design and implement access management for apps<\/td><td>Learn to design and implement integration for software as a service (SaaS) apps<\/td><\/tr><tr><td>Explain to Design and implement app management roles<\/td><td>Learn to assign, classify, and manage users, groups, and app roles for enterprise applications<\/td><\/tr><tr><td>Explain to Monitor and audit activity in enterprise applications<\/td><td>Learn to configure and manage user and admin consent<\/td><\/tr><tr><td>Explain to Design and implement integration for on-premises apps by using Azure AD application proxy<\/td><td>Learn to create and manage application collections<\/td><\/tr><tr><td>Explain to Design and implement integration for SaaS apps<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Provision and manage users, groups, and roles on Enterprise applications<\/td><td>&nbsp;<\/td><\/tr><tr><td>Explain to Create and manage application collections<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>3.3 Lean to Plan and implement application registrations<\/em><\/td><td><em>3.3 Explain to plan and implement app registrations<\/em><\/td><\/tr><tr><td>Explain to Plan for application registrations<\/td><td>Learn to plan for app registrations<\/td><\/tr><tr><td>Explain to Implement application registrations<\/td><td>Learn to create app registrations<\/td><\/tr><tr><td>Explain to Configure application permissions<\/td><td>Learn to configure app authentication<\/td><\/tr><tr><td>Explain to Implement application authorization<\/td><td>Learn to configure API permissions<\/td><\/tr><tr><td>Explain to Plan and configure multi-tier application permissions<\/td><td>Learn to create app roles<\/td><\/tr><tr><td>Explain to Manage and monitor applications by using App governance<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td><em>3.4 Explain to manage and monitor app access by using Microsoft Defender for Cloud Apps<\/em><\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to configure and analyze cloud discovery results by using Defender for Cloud Apps<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to configure connected apps<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to implement application-enforced restrictions<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to configure Conditional Access app control<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to create access and session policies in Defender for Cloud Apps<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to implement and manage policies for OAuth apps<\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to manage the Cloud app catalog<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><strong>Module 4 &#8211; Understand to Plan and implement identity governance in Azure AD (20\u201325%)<\/strong><\/td><td><strong>Domain 4 &#8211; Understanding to plan and automate identity governance (25\u201330%)<\/strong><\/td><\/tr><tr><td>4.1 Learn to Plan and implement entitlement management<\/td><td>4.1 Explain to plan and implement entitlement management in Microsoft Entra<\/td><\/tr><tr><td>Explain to Plan entitlements<\/td><td>Learn to plan entitlements<\/td><\/tr><tr><td>Explain to Create and configure catalogs<\/td><td>Learn to create and configure catalogs<\/td><\/tr><tr><td>Explain to Create and configure access packages<\/td><td>Learn to create and configure access packages<\/td><\/tr><tr><td>Explain to Manage access requests<\/td><td>Learn to manage access requests<\/td><\/tr><tr><td>Explain to Implement and manage terms of use<\/td><td>Learn to implement and manage terms of use (ToU)<\/td><\/tr><tr><td>Explain to Manage the lifecycle of external users in Azure AD Identity Governance settings<\/td><td>Learn to manage the lifecycle of external users<\/td><\/tr><tr><td>Explain to Configure and manage connected organizations<\/td><td>Learn to configure and manage connected organizations<\/td><\/tr><tr><td>Explain to Review per-user entitlements by using Azure AD Entitlement management<\/td><td>&nbsp;<\/td><\/tr><tr><td>&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td><em>4.2 Learn to Plan, implement, and manage access reviews<\/em><\/td><td><em>4.2 Explain to Plan, implement, and manage access reviews in Microsoft Entra<\/em><\/td><\/tr><tr><td>&nbsp;<\/td><td>Learn to plan for access reviews<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center has-content-bg-color has-content-primary-background-color has-text-color has-background has-link-color wp-elements-c60705e7878639c6e98339fae88c84f1\"><strong>Microsoft SC-300 Exam<\/strong> <strong>Preparation Tips <\/strong><\/h2>\n\n\n\n<p>When preparing for the Microsoft SC-300 exam, it is crucial to be aware of the changes that have been introduced with the Entra platform. These changes include not just new features but also enhancements to existing functionalities. For instance, Access Reviews, which were once limited to Privileged Identity Management (PIM) for Microsoft Entra ID roles, have now expanded to encompass Azure roles, groups, and applications. These kind of changes and updates in features are overlooked if you are not working closely with these technologies, and specially if your experience has been limited to basic functionalities.<\/p>\n\n\n\n<p>One of the first things to consider during your preparation is whether your exposure to Entra has been primarily within Microsoft 365 workloads or Azure workloads. This distinction is important because it will dictate the areas you need to focus on for the exam. For example, if your experience is mostly with Microsoft 365, you might need to familiarize yourself with app registrations, a topic more commonly encountered by Azure administrators. Conversely, if your background is in Azure, you may need to review features like Microsoft 365 groups, which you might not have encountered frequently.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Key Domains and Objectives in the Microsoft SC-300 Exam<\/strong><\/h3>\n\n\n\n<p>The Microsoft SC-300 exam is divided into several key domains, each with its own set of objectives. Below is an overview of some of the main areas of focus:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"implement-an-identity-management-solution-25-30\"><strong>Domain &#8211; Understanding to implement identities in Microsoft Entra ID (20\u201425%)<\/strong><\/h4>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"implement-initial-configuration-of-azure-active-directory\"><em>Explain to configure and manage a Microsoft Entra tenant<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to configure and manage built-in and custom Microsoft Entra roles\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/active-directory-users-assign-role-azure-portal?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Assign roles to users<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/users-groups-roles\/directory-manage-roles-portal?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">View and assign roles<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to recommend when to use administrative units\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/roles\/administrative-units?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Administrative units<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure and manage administrative units\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/role-based-access-control\/admin-units-manage?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Create or delete administrative units<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to evaluate effective permissions for Microsoft Entra roles\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/add-users\/about-admin-roles?WT.mc_id=M365-MVP-4039827&amp;view=o365-worldwide\" target=\"_blank\">About admin roles<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure and manage custom domains\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-au\/office365\/admin\/setup\/add-domain?view=o365-worldwide\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Add domain<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-au\/office365\/admin\/setup\/domains-faq?view=o365-worldwide\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Domains FAQ<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-au\/microsoft-365\/admin\/setup\/domains-faq?view=o365-worldwide#can-i-add-custom-subdomains-or-multiple-domains-to-microsoft-365?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Can I add custom subdomains or multiple domains to Microsoft 365?<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-au\/microsoft-365\/admin\/setup\/domains-faq?view=o365-worldwide#how-do-i-set-or-change-the-default-domain-in-microsoft-365?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">How do I change the default domain in Microsoft 365?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure Company branding settings\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/how-to-customize-branding?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Add company branding<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure tenant properties, user settings, group settings, and device settings\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/overview\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">What is device management in Microsoft Entra ID?<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/concept-azure-ad-register?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">What are Microsoft Entra ID registered devices?<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/plan-device-deployment?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Plan your Microsoft Entra ID device deployment<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/concept-azure-ad-join?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Microsoft Entra ID joined devices<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/concept-azure-ad-join-hybrid?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Hybrid Microsoft Entra ID joined devices<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"create-configure-and-manage-identities\"><em>Explain to create, configure, and manage Microsoft Entra identities<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to create, configure, and manage users\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/add-users-azure-active-directory?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Add or delete a new user<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/how-to-create-delete-users?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">How to create, invite, and delete users<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create, configure, and manage groups\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/admin\/create-groups\/office-365-groups?WT.mc_id=M365-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Overview of Microsoft 365 Groups for administrators<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/groups-view-azure-portal?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Create a group and add members<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/how-to-manage-groups?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Manage groups<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage custom security attributes\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/custom-security-attributes-manage?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Manage access to custom security attributes in Microsoft Entra ID<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to automate the management of users and groups by using PowerShell\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/powershell\/microsoftgraph\/get-started?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Get started with the Microsoft Graph PowerShell SDK<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to assign, modify, and report on licenses\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/enterprise\/subscriptions-licenses-accounts-and-tenants-for-microsoft-cloud-offerings?%3FWT.mc_id=EM-MVP-4039827&amp;view=o365-worldwide\" target=\"_blank\">Subscriptions, licenses, and tenants<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/office365\/enterprise\/powershell\/manage-user-accounts-and-licenses-with-office-365-powershell\/?wt.mc_id=4039827\/?wt.mc_id=4039827\" target=\"_blank\">Manage user accounts and licenses<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"implement-and-manage-external-identities\"><br><em>Explain to implement and manage identities for external users and tenants<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to manage External collaboration settings in Microsoft Entra ID\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/external-identities\/delegate-invitations?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Configure external collaboration settings<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to invite external users, individually or in bulk\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/b2b\/b2b-quickstart-add-guest-users-portal?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Add guest users in the portal<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/b2b\/b2b-quickstart-invite-powershell?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Add guest users with PowerShell<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage external user accounts in Microsoft Entra ID\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/sharepoint\/modern-experience-sharing-permissions?WT.mc_id=M365-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Permissions and sharing<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement Cross-tenant access settings\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/multi-tenant-organizations\/cross-tenant-synchronization-overview?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">What is cross-tenant synchronization?<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/external-id\/cross-tenant-access-overview?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Cross-tenant access overview<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage cross-tenant synchronization\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/multi-tenant-organizations\/cross-tenant-synchronization-overview?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">What is a cross-tenant synchronization in Microsoft Entra ID?<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/multi-tenant-organizations\/cross-tenant-synchronization-configure?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Configure cross-tenant synchronization<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure identity providers, including SAML and WS-Fed\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/auth-saml?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">SAML authentication<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create and manage a Microsoft Entra B2C tenant (Microsoft Entra External ID)\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory-b2c\/tutorial-create-tenant?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Tutorial: Create a Microsoft Entra B2C tenant<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"implement-and-manage-hybrid-identity\"><em>Explain to Implement and manage hybrid identity<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to implement and manage Microsoft Entra Connect\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/plan-hybrid-identity-design-considerations-overview\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Hybrid Identity Design Considerations Overview<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/enterprise\/set-up-directory-synchronization?WT.mc_id=M365-MVP-4039827&amp;view=o365-worldwide\" target=\"_blank\">Set up directory synchronization for Microsoft 365<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage Microsoft Entra Connect cloud sync\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/cloud-sync\/what-is-cloud-sync?toc=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fcloud-sync%2Ftoc.json&amp;bc=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fbread%2Ftoc.json?WT.mc_id=M365-MVP-4039827\" target=\"_blank\">What is Microsoft Entra ID Connect cloud sync?<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/cloud-sync\/how-to-configure?WT.mc_id=M365-MVP-4039827\" target=\"_blank\">Cloud sync configuration<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage password hash synchronization\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-password-hash-synchronization?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">What is password hash synchronization?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage pass-through authentication\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-pta?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">What is pass-through authentication?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage seamless single sign-on (SSO)\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-sso?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">What is Single Sign-On?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage federation, excluding manual Active Directory Federation Services (AD FS) deployments\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-fed-management\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Managing federation with Microsoft Entra ID Connect<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage Microsoft Entra Connect Health\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/how-to-connect-health-operations\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Microsoft Entra ID Connect Health Operations<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to troubleshoot synchronization errors\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/tshoot-connect-sync-errors\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Errors during synchronization<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"implement-an-authentication-and-access-management-solution-25-30\"><strong>Domain 3 &#8211; Understanding to Implement authentication and access management (25-30%)<\/strong><\/h4>\n\n\n\n<h5 class=\"wp-block-heading\"><em>Explain to Plan, implement, and manage Microsoft Entra ID user authentication<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to plan for authentication\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/active-directory-deployment-plans?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/active-directory-deployment-plans?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Entra deployment plans<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/plan-hybrid-identity-design-considerations-business-needs?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Determine identity requirements<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/hybrid\/plan-hybrid-identity-design-considerations-multifactor-auth-requirements\/?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Determine multi-factor auth requirements<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage authentication methods\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-sspr-howitworks?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">How it works: Microsoft Entra ID self-service password reset<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-authentication-methods?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Authentication methods<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage tenant-wide Multi-factor Authentication (MFA) settings\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-mfa-howitworks?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">How it works: Azure Multi-Factor Authentication<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage per-user MFA settings\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/tutorial-enable-azure-mfa?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Tutorial: Secure user sign-in events with Microsoft Entra ID Multi-Factor Authentication<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure and deploy self-service password reset (SSPR)\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-sspr-howitworks?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-sspr-howitworks?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Self-service password reset deep dive<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage Windows Hello for Business\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/security\/identity-protection\/hello-for-business\/hello-deployment-guide?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Hello for Business Deployment Overview<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to disable accounts and revoke user sessions\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/users-revoke-access?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Revoke a user\u2019s access<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage password protection and smart lockout\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-password-ban-bad?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Password protection in Microsoft Entra ID<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-password-smart-lockout?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Prevent attacks using smart loc<\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-password-smart-lockout\">kout<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to enable Microsoft Entra Kerberos authentication for hybrid identities\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/architecture\/auth-kcd?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Windows authentication \u2013 Kerberos constrained delegation with Microsoft Entra ID<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement certificate-based authentication in Microsoft Entra ID\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-certificate-based-authentication?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Overview of Microsoft Entra ID certificate-based authentication<\/a><mark><\/mark><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"plan-implement-and-administer-conditional-access\"><em>Explain to plan, implement, and administer conditional access<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to plan Conditional Access policies\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/conditional-access-intune-common-ways-use?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Common ways to use conditional access<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/concept-fundamentals-security-defaults\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/concept-fundamentals-security-defaults\" target=\"_blank\" rel=\"noreferrer noopener\">Providing a default level of security in Microsoft Entra ID<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement Conditional Access policy assignments\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/conditional-access-exchange-create?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Create and assign conditional access policy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement Conditional Access policy controls\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/conditional-access-exchange-create?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Create and assign conditional access policy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to test and troubleshooting Conditional Access policies\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/conditional-access-exchange-monitor?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Monitor conditional access<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement session management\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/proxy-intro-aad?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Protect apps with Session Control in Microsoft Defender for Cloud Apps<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement device-enforced restrictions\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/quickstart-set-password-length-android?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Create a device compliance policy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement continuous access evaluation\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/concept-continuous-access-evaluation?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Continuous access evaluation<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create a Conditional Access Policy from a template\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/concept-conditional-access-policy-common#conditional-access-templates-preview?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Conditional Access templates<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"manage-azure-ad-identity-protection\"><em>Explain to manage Microsoft Entra ID Identity Protection<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to implement and manage user risk policies\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/identity-protection\/howto-user-risk-policy?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Configure the user risk policy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage sign-in risk policies\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/identity-protection\/howto-sign-in-risk-policy?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Configure the sign-in risk policy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage MFA registration policies\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-how-to-require-mfa?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">MFA and PIM<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to monitor, investigate and remediate risky users\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/identity-protection\/playbook?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Simulate risk events<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to monitor, investigate and remediate risky workload identities\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/identity-protection\/concept-workload-identity-risk?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Securing workload identities<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><em>Explain to implement access management for Azure resources<\/em><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to create custom Azure roles, including both control plane and data plane permissions\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/custom-roles?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Create Custom Azure Roles<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to assign built-in and custom Azure roles\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/elevate-access-global-admin?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">Elevate access to manage all Azure subscriptions and management groups<u>&nbsp;<\/u><\/a>&nbsp;<\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/cost-management-billing\/manage\/add-change-subscription-administrator?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">Add or change Azure subscription administrators<u>&nbsp;<\/u><\/a>&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/overview\">What&nbsp;<\/a><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/overview?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">i<\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/overview\">s Azure role-based access control (Azure RBAC)?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to evaluate effective permissions for a set of Azure roles\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/role-assignments-list-portal?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">List Azure role assignments using the Azure portal<\/a>&nbsp;<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/howto-vm-sign-in-azure-ad-linux?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Log in to a Linux virtual machine in Azure by using Microsoft Entra ID and OpenSSH<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/devices\/howto-vm-sign-in-azure-ad-windows?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Log in to a Windows virtual machine in Azure by using Microsoft Entra ID<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure Azure Key Vault RBAC and policies\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/key-vault\/general\/secure-your-key-vault?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">Secure access to a key vault<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/key-vault\/general\/managed-identity?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">Provide Key Vault authentication with a managed identity<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/key-vault\/policy-samples?WT.mc_id=AZ-MVP-4039827\" target=\"_blank\">Azure Policy built-in policy definitions for Key Vault<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/role-based-access-control\/best-practices\" target=\"_blank\" rel=\"noreferrer noopener\">Best practices for Azure RBAC<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"implement-access-management-for-apps-10-15\"><strong>Domain 3 &#8211; <strong>Understanding to <\/strong>Plan and implement workload identities (20\u201325%)<\/strong><\/h4>\n\n\n\n<h5 class=\"wp-block-heading\"><em>Explain to plan and implement identities for applications and Azure workloads<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to select appropriate identities for applications and Azure workloads, including managed identities, service principals, user accounts, and managed service accounts\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/managed-identities-azure-resources\/overview?WT.mc_id=EM-MVP-4039827\">About managed identiti<\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/managed-identities-azure-resources\/overview?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">e<\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/managed-identities-azure-resources\/overview?WT.mc_id=EM-MVP-4039827\">s for Azure resources<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create managed identities\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/architecture\/service-accounts-managed-identities?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Secure managed identities<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to assign a managed identity to an Azure resource\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/managed-identities-azure-resources\/qs-configure-portal-windows-vm?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Configure managed identities for Azure resources on a VM using the Azure portal<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to use a managed identity assigned to an Azure resource to access other Azure resources\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/managed-identities-azure-resources\/managed-identity-best-practice-recommendations?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Managed identity best practice recommendations<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"plan-implement-and-monitor-the-integration-of-enterprise-apps-for-single-sign-on-sso\"><em>Explain to plan, implement, and monitor the integration of enterprise applications<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to configure and manage user and admin consent\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/manage-consent-requests?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Managing consent to applications and evaluating consent requests<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to discover apps by using AD FS application activity reports\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/migrate-adfs-application-activity?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Use the AD FS application activity report<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to plan and implement settings for enterprise applications, including application-level and tenant-level settings\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/what-is-access-management?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">App access options<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to assign appropriate Microsoft Entra roles to users to manage enterprise applications\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/roles\/custom-enterprise-app-permissions?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">App permissions for custom roles in Microsoft Entra ID<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to monitor and audit activity in enterprise applications\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/concept-sign-ins?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Sign-in logs<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to design and implement integration for on-premises apps by using Microsoft Entra application proxy\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/app-proxy\/application-proxy?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Application Proxy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to design and implement integration for SaaS apps\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/add-application-portal?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Add an app<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/saas-apps\/tutorial-list?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">SaaS application tutorials<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to assign, classify, and manage users, groups, and app roles for enterprise applications\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/add-application-portal?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Add an app<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create and manage application collections\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/access-panel-collections?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Create collections<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"implement-app-registrations\"><em>Explain to plan and implement application registrations<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to plan for app registrations\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/quickstart-register-app?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Register app or web API<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create app registrations\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/authentication-flows-app-scenarios?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">App scenarios and authentication flows<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure app authentication\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/authentication-vs-authorization?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Authentication vs. authorization<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to Configure API permissions\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/manage-apps\/manage-application-permissions?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Review permissions granted to apps<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/quickstart-register-app?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Register app or web API<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/single-and-multi-tenant-apps?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Single tenant and multi-tenant apps<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create app roles\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity-platform\/custom-rbac-for-developers?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Role-based access control for application developers<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\"><em>Explain to manage and monitor appaccess by using Microsoft Defender for Cloud Apps<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to configure and analyze cloud discovery results by using Defender for Cloud Apps\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/tutorial-shadow-it\" target=\"_blank\">Discover and manage shadow IT in your network<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/discovered-apps\" target=\"_blank\" rel=\"noreferrer noopener\">Working with discovered apps \u2013 Microsoft Defender for Cloud Apps<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/defender-cloud-apps\/app-governance-manage-app-governance?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Protect and govern your apps<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure connected apps\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/azip-integration?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Azure Information Protection integration<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/siem?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">SIEM integration<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/icap-stunnel?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">External DLP integration<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/flow-integration?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Integrate with PowerAutomate<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/api-tokens?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">API tokens<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement application-enforced restrictions\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/discovered-apps\" target=\"_blank\">Discovered apps with Cloud App Security<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure Conditional Access app control\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/concept-conditional-access-cloud-apps?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Cloud apps or actions in Conditional Access policy<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create access and session policies in Defender for Cloud Apps\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/policy-template-reference?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Policy template reference<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/control-cloud-apps-with-policies?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Control cloud apps with policies<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage policies for OAUTH apps\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/defender-cloud-apps\/manage-app-permissions?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Manage OAuth apps<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage the Cloud app catalog\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-cloud-apps\/working-with-app-page?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Working with the app page<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-cloud-apps\/proxy-deployment-aad?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Deploy for catalog apps with Microsoft Entra<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"plan-and-implement-an-identity-governance-strategy-25-30\"><strong>Domain 4 &#8211; <strong>Understanding to <\/strong>Plan and implement identity governance (20-25%)<\/strong><\/h4>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"plan-and-implement-entitlement-management\"><em>Explain to Plan and implement entitlement management in Microsoft Entra<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to plan entitlements\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-scenarios?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Common scenarios in Microsoft Entra ID entitlement management<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-overview?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">What is entitlement management?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create and configure catalogs\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-catalog-create\">Create &amp; manage a catalog of resources in entitlement management \u2013 Microsoft Entra ID<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create and configure access packages\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-access-package-create\">Create a new access package<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage access requests\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-request-approve?WT.mc_id=EM-MVP-4039827\" target=\"_blank\">Approve or deny access requests in Microsoft Entra ID entitlement management<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to implement and manage terms of use (ToU)\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/terms-of-use\" target=\"_blank\">Require terms o<\/a><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/terms-of-use?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">f<\/a><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/terms-of-use\" target=\"_blank\">&nbsp;use<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage the lifecycle of external users\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/terms-of-use?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Review and remove users from external organizations<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure and manage connected organizations\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-organization?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Add a connected organization<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"plan-implement-and-manage-access-reviews\"><em>Explain to Plan, implement, and manage access reviews in Microsoft Entra<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to plan for access reviews\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/deploy-access-reviews?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Plan Access review deployment<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/access-reviews-overview#license-requirements?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">License requirements<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create and configure access reviews\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-access-reviews-create?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Create an access review<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/access-reviews-application-preparation?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Prepare for an app access review<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to monitor access review activity\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/entitlement-management-access-reviews-review-access?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Review access<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manually respond to access review activity\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/graph\/api\/resources\/accessreviewsv2-root?view=graph-rest-beta&amp;preserve-view=true?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Access reviews<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/governance\/deploy-access-reviews#automate-actions-based-on-access-reviews?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Automate actions based on Access Reviews<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"plan-and-implement-privileged-access\"><em>Explain to Plan and implement privileged access<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to plan and manage Azure roles in Microsoft Entra Privileged Identity Management (PIM), including settings and assignments\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-deployment-plan?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Deploy PIM<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-how-to-add-role-to-user?tabs=new?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Assign Microsoft Entra ID roles in Privileged Identity Management<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-resource-roles-assign-roles\" target=\"_blank\">Assign Azure resource roles in Privileged<\/a><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-resource-roles-assign-roles?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">&nbsp;<\/a><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-resource-roles-assign-roles\" target=\"_blank\">Identity Management<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/azure-ad-roles-features?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Management capabilities for Microsoft Entra ID roles in Privileged Identity Management<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to plan and manage Azure resources in PIM, including settings and assignments\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-resource-roles-discover-resources?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Discover Azure resources<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to plan and configure Privileged Access groups\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/groups-features?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Management capabilities for Privileged Access groups<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to manage the PIM request and approval process\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/azure-ad-pim-approval-workflow?tabs=new?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Approve or deny requests for Microsoft Entra ID roles in Privileged Identity Management<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-resource-roles-approval-workflow?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Approve or deny requests for Azure resource roles in Privileged Identity Management<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to analyze PIM audit history and reports\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-how-to-use-audit-log?tabs=new?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">View audit history for Microsoft Entra ID roles in Privileged Identity Management<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/azure-pim-resource-rbac?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">View activity and audit history for Azure resource roles in Privileged Identity Management<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to create and manage break-glass accounts\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/roles\/security-emergency-access?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Create emergency accounts<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"monitor-and-maintain-azure-active-directory\"><em>Explain to monitor identity activity by using logs, workbooks, and reports<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to design a strategy for monitoring Microsoft Entra\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/overview-monitoring?WT.mc_id=EM-MVP-4039827\">Microsoft Entra ID monitoring<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to review and analyze sign-in, audit, and provisioning logs by using the Microsoft Entra admin center\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/concept-sign-ins?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Sign-in logs<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/concept-audit-logs?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Audit logs<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-reporting?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">MFA Reports<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-authentication-methods-activity\" target=\"_blank\" rel=\"noreferrer noopener\">Authentication methods activity<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure diagnostic settings, including configuring destinations such as Log Analytics workspaces, storage accounts, and event hubs\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/tutorial-log-analytics-wizard?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Log analytics wizard<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/tutorial-azure-monitor-stream-logs-to-event-hub?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Stream logs to event hub<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to monitor Microsoft Entra by using KQL queries in Log Analytics\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/howto-install-use-log-analytics-views?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Install and use the log analytics views for Microsoft Entra ID<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/connect-azure-active-directory?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/connect-azure-active-directory?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Connect Microsoft Entra data to Microsoft Sentinel<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/azure-monitor\/alerts\/alerts-activity-log?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">Alert on an activity log event<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to analyze Microsoft Entra by using workbooks and reporting\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/howto-use-azure-monitor-workbooks?WT.mc_id=ES-MVP-4039827\" target=\"_blank\">how to use Microsoft Entra ID workbooks<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to monitor and improve the security posture by using Identity Secure Score\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/identity-secure-score?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Identity secure score<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h5 class=\"wp-block-heading\"><em>Explain to plan and implement Microsoft Entra Permissions Management<\/em><\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Learn to onboard Azure subscriptions to Permissions Management\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/permissions-management\/onboard-azurehttps:\/\/learn.microsoft.com\/en-us\/entra\/permissions-management\/onboard-azure?WT.mc_id=ES-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Onboard an Azure subscription<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to evaluate and remediate risks relating to Azure identities, resources, and tasks\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/permissions-management\/usage-analytics-home?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">View analytic information with the Analytics dashboard<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to evaluate and remediate risks relating to Azure highly privileged roles\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/permissions-management\/product-privileged-role-insights?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">View privileged role assignments in your organization<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/permissions-management\/faqs#how-can-customers-monitor-permissions-usage-with-permissions-management?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">How can customers monitor permissions usage with Permissions Management?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Learn to configure activity alerts and triggers for Azure subscriptions\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/permissions-management\/how-to-create-alert-trigger?WT.mc_id=EM-MVP-4039827\" target=\"_blank\" rel=\"noreferrer noopener\">Create and view activity alerts and alert triggers<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>The Microsoft SC-300 exam\u2019s recent updates reflect the growing importance of comprehensive identity and access management solutions within Microsoft\u2019s cloud offerings. As organizations continue to navigate complex identity landscapes, the inclusion of Entra Permissions Management and cross-tenant features in the exam underscores the need for skilled professionals who can manage and secure identities across diverse environments. By focusing on the new and expanded content areas, candidates can ensure they are well-prepared to tackle the challenges of the Microsoft SC-300 exam in 2024.<\/p>\n\n\n\n<h3 class=\"wp-block-heading has-text-align-center has-content-bg-color has-content-primary-background-color has-text-color has-background has-link-color wp-elements-6bf30a8255ec7bd8ca23da0756d33b14\"><strong>Azure AD vs. Microsoft Entra<\/strong> <strong>ID :<\/strong> <strong>Overview of Identity and Access Management (IAM) Solutions<\/strong><\/h3>\n\n\n\n<p>In a study conducted, it was observed that a approximately 50% of organizations primarily use Active Directory Federation Services (ADFS), a Windows Server role that enables single sign-on (SSO) access, for connecting with Azure Active Directory (Azure AD). Also nearly, 25% of organizations rely on Microsoft\u2019s Password Hash Sync service for the same purpose.<\/p>\n\n\n\n<p>Identity and Access Management (IAM) is now critical for securing access to various resources and applications. Among the IAM solutions offered by Microsoft, Azure AD and Microsoft Entra are two of the most prominent. Both provide extensive identity management capabilities, but their distinct features make it crucial for businesses to understand their differences.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Transition from Azure AD to Microsoft Entra ID<\/strong><\/h3>\n\n\n\n<p>Microsoft is transitioning <strong>Azure AD<\/strong> into <strong>Microsoft Entra ID<\/strong>, marking a significant evolution in its identity and access management services. Below is a comparison to highlight their key differences:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>Aspect<\/strong><\/th><th><strong>Azure AD<\/strong><\/th><th><strong>Microsoft Entra<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Type<\/strong><\/td><td>Cloud-based IAM solution<\/td><td>Hybrid IAM solution<\/td><\/tr><tr><td><strong>Primary Use<\/strong><\/td><td>Identity and access management in cloud environments<\/td><td>Advanced IAM for complex, hybrid environments<\/td><\/tr><tr><td><strong>Integration<\/strong><\/td><td>Seamless with Microsoft 365 and third-party apps<\/td><td>Extends IAM capabilities to on-premises Active Directory<\/td><\/tr><tr><td><strong>Advanced Security<\/strong><\/td><td>SSO, Multi-factor Authentication (MFA)<\/td><td>Risk-based Conditional Access, Privileged Identity Management (PIM)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Features and Benefits of Azure AD<\/strong><\/h3>\n\n\n\n<p>Azure AD is a cloud-native IAM solution designed to simplify identity management and access control. Its key features include:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>Feature<\/strong><\/th><th><strong>Description<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Single Sign-On (SSO)<\/strong><\/td><td>Users can access multiple applications with a single set of credentials, improving productivity.<\/td><\/tr><tr><td><strong>Multi-Factor Authentication<\/strong><\/td><td>Enhances security by requiring additional verification methods like SMS codes or biometric data.<\/td><\/tr><tr><td><strong>Microsoft 365 Integration<\/strong><\/td><td>Seamless integration with Microsoft 365, providing a unified user experience across applications.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>Azure AD is suitable for small to medium-sized businesses that need straightforward cloud-based identity management at an affordable cost.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Understanding Microsoft Entra<\/strong><\/h3>\n\n\n\n<p>Microsoft Entra is designed to meet the needs of organizations with complex identity management requirements, offering advanced features that differentiate it from Azure AD:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>Feature<\/strong><\/th><th><strong>Description<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Advanced Identity Protection<\/strong><\/td><td>Utilizes risk-based conditional access policies to secure access to sensitive resources.<\/td><\/tr><tr><td><strong>Privileged Identity Management (PIM)<\/strong><\/td><td>Manages elevated access rights for privileged accounts, reducing the risk of data breaches.<\/td><\/tr><tr><td><strong>On-Premises Integration<\/strong><\/td><td>Integrates seamlessly with on-premises Active Directory environments, extending IAM capabilities to the cloud.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Architecture and Deployment Options<\/strong><\/h3>\n\n\n\n<p>The architecture and deployment options for Azure AD and Microsoft Entra vary significantly, as outlined below:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>IAM Solution<\/strong><\/th><th><strong>Pros<\/strong><\/th><th><strong>Cons<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Cloud-Native (Azure AD)<\/strong><\/td><td>&#8211; Scalability: Easily scales as business needs grow.<br>&#8211; Reduced maintenance: No need to manage on-premises infrastructure.<br>&#8211; Quick implementation: Shorter implementation times.<\/td><td>&#8211; Limited control over data: Concerns over storing sensitive data in the cloud.<br>&#8211; Dependency on Internet: Connectivity issues can impact access.<\/td><\/tr><tr><td><strong>Hybrid (Microsoft Entra)<\/strong><\/td><td>&#8211; Flexibility: Leverages existing on-premises IAM investments.<br>&#8211; Enhanced control: Greater control over data and security measures.<br>&#8211; Compliance: Meets specific data storage regulations.<\/td><td>&#8211; Complexity: Integrating cloud and on-premises environments can be challenging.<br>&#8211; Increased maintenance: Managing both cloud and on-premises components requires additional resources.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Target Audience and Use Cases<\/strong><\/h3>\n\n\n\n<p>Azure AD and Microsoft Entra cater to different audiences and use cases:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>IAM Solution<\/strong><\/th><th><strong>Target Audience<\/strong><\/th><th><strong>Use Cases<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Azure AD<\/strong><\/td><td>Small to medium-sized businesses<\/td><td>Businesses needing essential identity management features like SSO and MFA at an affordable price.<\/td><\/tr><tr><td><strong>Microsoft Entra<\/strong><\/td><td>Large enterprises with complex IAM needs<\/td><td>Organizations requiring advanced security measures, such as risk-based conditional access and PIM.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Integration and Advanced Capabilities<\/strong><\/h3>\n\n\n\n<p>While both solutions offer robust security and integration capabilities, there are key differences in their advanced features:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>Capability<\/strong><\/th><th><strong>Azure AD<\/strong><\/th><th><strong>Microsoft Entra<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>Security<\/strong><\/td><td>Basic security features like SSO and MFA<\/td><td>Advanced security with risk-based conditional access and PIM<\/td><\/tr><tr><td><strong>Integration<\/strong><\/td><td>Integrates with Microsoft 365 and third-party apps<\/td><td>Integrates with both cloud and on-premises environments<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Expert Corner<\/h3>\n\n\n\n<p>Both Azure AD and Microsoft Entra are powerful IAM solutions, but they serve different organizational needs. Azure AD is becoming Microsoft Entra ID, targeting small to medium-sized businesses with essential IAM features. In contrast, Microsoft Entra offers advanced IAM capabilities for large enterprises with more complex requirements.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.testpreptraining.ai\/microsoft-identity-and-access-administrator-sc-300-free-practice-test\" target=\"_blank\" rel=\"noreferrer noopener\"><img decoding=\"async\" width=\"961\" height=\"150\" src=\"https:\/\/www.testpreptraining.ai\/blog\/wp-content\/uploads\/2024\/08\/image-3.jpg\" alt=\"SC-300 Free Practice Test\" class=\"wp-image-36143\" srcset=\"https:\/\/www.testpreptraining.ai\/blog\/wp-content\/uploads\/2024\/08\/image-3.jpg 961w, https:\/\/www.testpreptraining.ai\/blog\/wp-content\/uploads\/2024\/08\/image-3-300x47.jpg 300w\" sizes=\"(max-width: 961px) 100vw, 961px\" \/><\/a><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>The Microsoft SC-300 Exam: Identity and Access Administrator certification has recently undergone significant updates in 2024, introducing new content areas and restructuring existing ones. These changes reflect the evolving landscape of identity and access management within Microsoft environments, particularly with the introduction of Microsoft Entra Permissions Management and cross-tenant settings and synchronization. One of the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":36169,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,260,131],"tags":[6301,4988,4989,4990,6305,6302,6306,6303,4987,6304],"class_list":["post-36129","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-computing","category-microsoft","category-microsoft-azure","tag-microsoft-sc-300","tag-microsoft-sc-300-course","tag-microsoft-sc-300-exam-details","tag-microsoft-sc-300-exam-guide","tag-microsoft-sc-300-exam-questions","tag-microsoft-sc-300-exam-updated","tag-microsoft-sc-300-free-test","tag-microsoft-sc-300-learning-resources","tag-microsoft-sc-300-online-course","tag-microsoft-sc-300-questions"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft SC-300 Exam Updates [2024] - Blog<\/title>\n<meta name=\"description\" content=\"Increase your chances and get ready to pass the Microsoft SC-300 exam with the latest SC-300 practice set and study guide. Try Free Test Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft SC-300 Exam Updates [2024] - Blog\" \/>\n<meta property=\"og:description\" content=\"Increase your chances and get ready to pass the Microsoft SC-300 exam with the latest SC-300 practice set and study guide. Try Free Test Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-30T11:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-02T05:19:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/blog\/wp-content\/uploads\/2024\/08\/Microsoft-SC-300-Exam-Updates-2024.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TestPrepTraining\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TestPrepTraining\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"23 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/\",\"name\":\"Microsoft SC-300 Exam Updates [2024] - Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/#website\"},\"datePublished\":\"2024-08-30T11:30:00+00:00\",\"dateModified\":\"2024-09-02T05:19:39+00:00\",\"author\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/#\/schema\/person\/b46daaf932dbfb07cbe7db807006780c\"},\"description\":\"Increase your chances and get ready to pass the Microsoft SC-300 exam with the latest SC-300 practice set and study guide. Try Free Test Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft SC-300 Exam Updates [2024]\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/blog\/\",\"name\":\"Learning Resources\",\"description\":\"Testprep Training Blogs\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/#\/schema\/person\/b46daaf932dbfb07cbe7db807006780c\",\"name\":\"TestPrepTraining\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4cd4f7acc79865d9ba457114e386c039833599aae3707598a92eda256c6a5278?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4cd4f7acc79865d9ba457114e386c039833599aae3707598a92eda256c6a5278?s=96&d=mm&r=g\",\"caption\":\"TestPrepTraining\"},\"description\":\"Testprep Training offers a wide range of practice exams and online courses for Professional certification exam curated by field experts and working professionals. Evaluate your skills and build confidence to appear for the exam.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft SC-300 Exam Updates [2024] - Blog","description":"Increase your chances and get ready to pass the Microsoft SC-300 exam with the latest SC-300 practice set and study guide. Try Free Test Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft SC-300 Exam Updates [2024] - Blog","og_description":"Increase your chances and get ready to pass the Microsoft SC-300 exam with the latest SC-300 practice set and study guide. Try Free Test Now!","og_url":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/","og_site_name":"Blog","article_published_time":"2024-08-30T11:30:00+00:00","article_modified_time":"2024-09-02T05:19:39+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/www.testpreptraining.ai\/blog\/wp-content\/uploads\/2024\/08\/Microsoft-SC-300-Exam-Updates-2024.jpg","type":"image\/jpeg"}],"author":"TestPrepTraining","twitter_card":"summary_large_image","twitter_misc":{"Written by":"TestPrepTraining","Est. reading time":"23 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/","url":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/","name":"Microsoft SC-300 Exam Updates [2024] - Blog","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/blog\/#website"},"datePublished":"2024-08-30T11:30:00+00:00","dateModified":"2024-09-02T05:19:39+00:00","author":{"@id":"https:\/\/www.testpreptraining.ai\/blog\/#\/schema\/person\/b46daaf932dbfb07cbe7db807006780c"},"description":"Increase your chances and get ready to pass the Microsoft SC-300 exam with the latest SC-300 practice set and study guide. Try Free Test Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/blog\/microsoft-sc-300-exam-updates-2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft SC-300 Exam Updates [2024]"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/blog\/#website","url":"https:\/\/www.testpreptraining.ai\/blog\/","name":"Learning Resources","description":"Testprep Training Blogs","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.testpreptraining.ai\/blog\/#\/schema\/person\/b46daaf932dbfb07cbe7db807006780c","name":"TestPrepTraining","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4cd4f7acc79865d9ba457114e386c039833599aae3707598a92eda256c6a5278?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4cd4f7acc79865d9ba457114e386c039833599aae3707598a92eda256c6a5278?s=96&d=mm&r=g","caption":"TestPrepTraining"},"description":"Testprep Training offers a wide range of practice exams and online courses for Professional certification exam curated by field experts and working professionals. Evaluate your skills and build confidence to appear for the exam."}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/posts\/36129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/comments?post=36129"}],"version-history":[{"count":6,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/posts\/36129\/revisions"}],"predecessor-version":[{"id":36144,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/posts\/36129\/revisions\/36144"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/media\/36169"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/media?parent=36129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/categories?post=36129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/blog\/wp-json\/wp\/v2\/tags?post=36129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}