Microsoft Identity and Access Administrator (SC-300) Practice Exam
Microsoft Identity and Access Administrator (SC-300) Practice Exam
4.8(1,222 ratings)
1,416 Learners
What’s Included
No. of Questions394
AccessImmediate
Access DurationLife Long Access
Exam DeliveryOnline
Test ModesPractice, Exam
Microsoft Identity and Access Administrator (SC-300) Practice Exam
Microsoft SC-300 exam is for Microsoft identity and access administrator with skills in designing, implementing, and operating an organization’s identity and access management by using Microsoft Entra ID (ID). They are responsible for configuring and managing the full cycle of identities for:
Users
Devices
Microsoft Azure resources
Applications
In the role of an identity and access administrator, candidates must ensure users experience seamless access and self-service management capabilities. This involves planning and executing identity, authorization, and access strategies to integrate applications and resources within Azure. Additionally, they are tasked with troubleshooting, monitoring, and reporting on identity and access issues. Collaboration with various roles within the organization is essential to:
Drive strategic identity initiatives forward.
Update and modernize identity solutions.
Deploy hybrid identity solutions.
Enforce identity governance measures.
Who should take the exam?
Microsoft SC-300 exam is best for those having familiarity with Azure, Microsoft 365 services and workloads, and Active Directory Domain Services (AD DS). They should have experience in:
Automating the management of Microsoft Entra ID using PowerShell.
Analyzing events using Kusto Query Language (KQL).
Exam Details
Exam Code: SC-300
Exam Name: Microsoft Identity and Access Administrator
Exam Languages: German, English, Spanish, French, Italian, Japanese, Korean, Portuguese (Brazil), Chinese (Simplified), Chinese (Traditional)
Exam Questions: 40-60 Questions
Passing Score: 700 or greater (On a scale 1 - 1000)
SC-300 Exam Course Outline
The Exam covers the given topics -
Topic 1: Designing implementing and managing user identities (20–25%)
Configuring and managing a Microsoft Entra tenant
Configure and manage built-in and custom Microsoft Entra roles
Recommending when to use administrative units
Configure and manage administrative units
Evaluating effective permissions for Microsoft Entra roles
Configure and manage custom domains
Configuring Company branding settings
Configure tenant properties, user settings, group settings, and device settings
Creating, configuring, and managing Microsoft Entra identities
Create, configure, and manage users
Create, configure, and manage groups
Managing custom security attributes
Automating the management of users and groups by using PowerShell
Assigning, modifying, and reporting on licenses
Implementing and managing identities for external users and tenants
Manage External collaboration settings in Microsoft Entra ID
Invite external users, individually or in bulk
Manage external user accounts in Microsoft Entra ID
Implementing Cross-tenant access settings
Implement and manage cross-tenant synchronization
Configure identity providers, including SAML and WS-Fed
Create and manage a Microsoft Entra B2C tenant (Microsoft Entra External ID)
Implementing and managing hybrid identity
Implement and manage Microsoft Entra Connect
Implement and manage Microsoft Entra Connect cloud sync
Implementing and managing password hash synchronization
Implement and manage pass-through authentication
Implement and manage seamless single sign-on (SSO)
Implement and manage federation, excluding manual Active Directory Federation Services (AD FS) deployments
Implement and manage Microsoft Entra Connect Health
Troubleshooting synchronization errors
Topic 2: Implementing authentication and access management (25–30%)
Planning, implementing, and managing Microsoft Entra user authentication
Plan for authentication
Implement and manage authentication methods
Implement and manage tenant-wide Multi-factor Authentication (MFA) settings
Manage per-user MFA settings
Configure and deploy self-service password reset (SSPR)
Implement and manage Windows Hello for Business
Disable accounts and revoke user sessions
Implement and manage password protection and smart lockout
Enable Microsoft Entra Kerberos authentication for hybrid identities
Implement certificate-based authentication in Microsoft Entra
Plan, implement, and manage Microsoft Entra Conditional Access
Plan Conditional Access policies
Implement Conditional Access policy assignments
Implement Conditional Access policy controls
Test and troubleshoot Conditional Access policies
Implement session management
Implement device-enforced restrictions
Implement continuous access evaluation
Create a Conditional Access policy from a template
Manage risk by using Microsoft Entra ID Protection
Implement and manage user risk policies
Implement and manage sign-in risk policies
Implement and manage MFA registration policies
Monitor, investigate and remediate risky users
Monitor, investigate, and remediate risky workload identities
Implement access management for Azure resources by using Azure roles
Create custom Azure roles, including both control plane and data plane permissions
Assign built-in and custom Azure roles
Evaluate effective permissions for a set of Azure roles
Assign Azure roles to enable Microsoft Entra ID login to Azure virtual machines
Configure Azure Key Vault role-based access control (RBAC) and access policies
Topic 3: Understand about planning and implementing workload identities (20–25%)
Plan and implement identities for applications and Azure workloads
Select appropriate identities for applications and Azure workloads, including managed identities, service principals, user accounts, and managed service accounts
Create managed identities
Assign a managed identity to an Azure resource
Use a managed identity assigned to an Azure resource to access other Azure resources
Plan, implement, and monitor the integration of enterprise applications
Configure and manage user and admin consent
Discover apps by using AD FS application activity reports
Plan and implement settings for enterprise applications, including application-level and tenant-level settings
Assign appropriate Microsoft Entra roles to users to manage enterprise applications
Monitor and audit activity in enterprise applications
Design and implement integration for on-premises apps by using Microsoft Entra Application Proxy
Design and implement integration for software as a service (SaaS) apps
Assign, classify, and manage users, groups, and app roles for enterprise applications
Create and manage application collections
Plan and implement app registrations
Plan for app registrations
Create app registrations
Configure app authentication
Configure API permissions
Create app roles
Manage and monitor app access by using Microsoft Defender for Cloud Apps
Configure and analyze cloud discovery results by using Defender for Cloud Apps
Configure connected apps
Implement application-enforced restrictions
Configure Conditional Access app control
Create access and session policies in Defender for Cloud Apps
Implement and manage policies for OAuth apps
Manage the Cloud app catalog
Topic 4: Planning and implementing identity governance (20–25%)
Plan and implement entitlement management in Microsoft Entra
Plan entitlements
Create and configure catalogs
Create and configure access packages
Manage access requests
Implement and manage terms of use (ToU)
Manage the lifecycle of external users
Configure and manage connected organizations
Plan, implement, and manage access reviews in Microsoft Entra
Plan for access reviews
Create and configure access reviews
Monitor access review activity
Manually respond to access review activity
Plan and implement privileged access
Plan and manage Azure roles in Microsoft Entra Privileged Identity Management (PIM), including settings and assignments
Plan and manage Azure resources in PIM, including settings and assignments
Plan and configure privileged access groups
Manage the PIM request and approval process
Analyze PIM audit history and reports
Create and manage break-glass accounts
Monitor identity activity by using logs, workbooks, and reports
Design a strategy for monitoring Microsoft Entra
Review and analyze sign-in, audit, and provisioning logs by using the Microsoft Entra admin center
Configure diagnostic settings, including configuring destinations such as Log Analytics workspaces, storage accounts, and event hubs
Monitor Microsoft Entra by using KQL queries in Log Analytics
Analyze Microsoft Entra by using workbooks and reporting
Monitor and improve the security posture by using Identity Secure Score
Plan and implement Microsoft Entra Permissions Management
Onboard Azure subscriptions to Permissions Management
Evaluate and remediate risks relating to Azure identities, resources, and tasks
Evaluate and remediate risks relating to Azure highly privileged roles
Evaluate and remediate risks relating to Permissions Creep Index (PCI) in Azure
Configure activity alerts and triggers for Azure subscriptions
What We Offer?
Full-Length Mock Tests that include unique, exam-style questions to help you practice under real conditions.
Section-Wise Practice Questions for reviewing topic-based questions and instantly see where you stand in every section.
Detailed answers with a clear and thorough explanation to help you understand the concept, not just memorize answers.
Get a complete breakdown of your strengths, weaknesses, and progress after every attempt.
All question sets reflect the latest exam syllabus and format.
Unlimited Access to Practice anytime, as often as you want - no time limits or hidden restrictions.
100% Pass Guarantee
We have built the Practice Exams with a 100% unconditional Test Pass Guarantee!
If you are unable to clear the exam, you can request a full refund guaranteed.
Reviews
How learners rated this courses
4.8
(Based on 1222 reviews)
63%
38%
0%
0%
0%
Jason Quins
I found the detailed scenarios on user provisioning and Entitlement Management to be spot-on. It forced me to think strategically about minimizing security risk in the identity lifecycle.
Sarah Demo
Excellent practice for understanding Authentication Methods and External Identities (B2B/B2C). I passed on the first attempt after using these mocks to solidify my design knowledge.
Liam Cesh
Crucial for mastering the implementation of Conditional Access and Identity Governance in Azure AD. The questions on PIM and access reviews were highly relevant to the SC-300 exam structure.