WSQ - Microsoft Identity and Access Administrator (SC-300)

Topic 1: Explore identity in Microsoft Entra ID

• Explain the identity landscape
• Explore zero trust with identity
• Discuss identity as a control plane
• Explore why we have identity
• Define identity administration
• Contrast decentralized identity with central identity systems
• Discuss identity management solutions
• Explain Microsoft Entra Business to Business
• Compare Microsoft identity providers
• Define identity licensing
• Explore authentication
• Discuss authorization
• Explain auditing in identity

Topic 2: Implement initial configuration of Microsoft Entra ID

• Configure company brand
• Configure and manage Microsoft Entra roles
• Exercise manage users roles
• Configure delegation by using administrative units
• Analyze Microsoft Entra role permissions
• Configure and manage custom domains
• Configure tenant-wide setting

Topic 3: Create, configure, and manage identities

• Create, configure, and manage users
• Create, configure, and manage groups
• Configure and manage device registration
• Manage licenses
• Create custom security attributes
• Explore automatic user creation

Topic 4: Implement and manage external identities

• Describe guest access and Business to Business accounts
• Manage external collaboration
• Invite external users - individually and in bulk
• Manage external user accounts in Microsoft Entra ID
• Manage external users in Microsoft 365 workloads
• Implement and manage Microsoft Entra Verified ID
• Configure identity providers
• Implement cross-tenant access controls

Topic 5: Implement and manage hybrid identity

• Plan, design, and implement Microsoft Entra Connect
• Implement manage password hash synchronization (PHS)
• Implement manage pass-through authentication (PTA)
• Implement and manage federation
• Trouble-shoot synchronization errors
• Implement Microsoft Entra Connect Health
• Manage Microsoft Entra Health

Topic 6: Secure Microsoft Entra users with multifactor authentication

• What is Microsoft Entra multifactor authentication?
• Plan your multifactor authentication deployment
• Configure multi-factor authentication methods

Topic 7: Manage user authentication

• Administer FIDO2 and passwordless authentication methods
• Explore Authenticator app and OATH tokens
• Implement an authentication solution based on Windows Hello for Business
• Deploy and manage password protection
• Configure smart lockout thresholds
• Implement Kerberos and certificate-based authentication in Microsoft Entra ID
• Configure Microsoft Entra user authentication for virtual machines

Topic 8: Plan, implement, and administer Conditional Access

• Plan security defaults
• Plan Conditional Access policies
• Implement Conditional Access policy controls and assignments
• Test and troubleshoot Conditional Access policies
• Implement application controls
• Implement session management
• Implement continuous access evaluation

Topic 9: Manage Microsoft Entra Identity Protection

• Review identity protection basics
• Implement and manage user risk policy
• Monitor, investigate, and remediate elevated risky users
• Implement security for workload identities
• Explore Microsoft Defender for Identity

Topic 10: Implement access management for Azure resources

• Assign Azure roles
• Configure custom Azure roles
• Create and configure managed identities
• Access Azure resources with managed identities
• Analyze Azure role permissions
• Configure Azure Key Vault RBAC policies
• Retrieve objects from Azure Key Vault
• Explore Microsoft Entra Permissions Management

Topic 11: Plan and design the integration of enterprise apps for SSO

• Discover apps by using Microsoft Defender for Cloud Apps and Active Directory Federation Services app report
• Configure connectors to apps
• Design and implement app management roles
• Configure preintegrated gallery SaaS apps
• Implement and manage policies for OAuth apps

Topic 12: Implement and monitor the integration of enterprise apps for SSO

• Implement token customizations
• Implement and configure consent settings
• Integrate on-premises apps with Microsoft Entra application proxy
• Integrate custom SaaS apps for single sign-on
• Implement application-based user provisioning
• Monitor and audit access to Microsoft Entra integrated enterprise applications
• Create and manage application collections

Topic 13: Implement app registration

• Plan your line of business application registration strategy
• Implement application registration
• Register an application
• Configure permission for an application
• Grant tenant-wide admin consent to applications
• Implement application authorization
• Manage and monitor application by using app governance

Topic 14: Plan and implement entitlement management

• Define access packages
• Configure entitlement management
• Configure and manage connected organizations
• Review per-user entitlements

Topic 15: Plan, implement, and manage access review

• Plan for access reviews
• Create access reviews for groups and apps
• Create and configure access review programs
• Monitor access review findings
• Automate access review management tasks
• Configure recurring access reviews

Topic 16: Plan and implement privileged access

• Define a privileged access strategy for administrative users
• Configure Privileged Identity Management for Azure resources
• Plan and configure Privileged Access Groups
• Analyze Privileged Identity Management audit history and reports
• Create and manage emergency access accounts

Topic 17: Monitor and maintain Microsoft Entra ID

• Analyze and investigate sign-in logs to troubleshoot access issues
• Review and monitor Microsoft Entra audit logs
• Export logs to third-party security information and event management system
• Analyze Microsoft Entra workbooks and reporting
• Monitor security posture with Identity Secure Score

Final Assessment 

• Written Assessment - Short Answer Questions (WA-SAQ)
• Practical Performance (PP)

Promotion Code

Promo or discount cannot be applied to WSQ courses

Minimum Entry Requirement

Knowledge and Skills

• Able to operate using computer functions
• Minimum 3 GCE ‘O’ Levels Passes including English or WPL Level 5 (Average of Reading, Listening, Speaking & Writing Scores)

Attitude

• Positive Learning Attitude
• Enthusiastic Learner

Experience

• Minimum of 1 year of working experience.

Target age group: 21-65 years old

Minimum Software/Hardware Requirement

Software:

You can download and install the following software:

• Microsoft 365 Defender

Hardware: Windows and Mac Laptops

About Progressive Wage Model (PWM)

The Progressive Wage Model (PWM) helps to increase wages of workers through upgrading skills and improving productivity. 

Employers must ensure that their Singapore citizen and PR workers meet the PWM training requirements of attaining at least 1 Workforce Skills Qualification (WSQ) Statement of Attainment, out of the list of approved WSQ training modules.

For more information on PWM, please visit MOM site.

Funding Eligility Criteria

Steps to Apply Skills Future Claim

• The staff will send you an invoice with the fee breakdown.
• Login to the MySkillsFuture portal, select the course you’re enrolling on and enter the course date and schedule.
• Enter the course fee payable by you (including GST) and enter the amount of credit to claim.
• Upload your invoice and click ‘Submit’

SkillsFuture Level-Up Program

The  SkillsFuture Level-Up Programme provides greater structural support for mid-career Singaporeans aged 40 years and above to pursue a substantive skills reboot and stay relevant in a changing economy. For more information, visit SkillsFuture Level-Up Programme

Get Additional Course Fee Support Up to $500 under UTAP

The Union Training Assistance Programme (UTAP) is a training benefit provided to NTUC Union Members with an objective of encouraging them to upgrade with skills training. It is provided to minimize the training cost. If you are a NTUC Union Member then you can get 50% funding (capped at $500 per year) under Union Training Assistance Programme (UTAP).

For more information visit NTUC U Portal – Union Training Assistance Program (UTAP)

Steps to Apply UTAP

• Log in to your U Portal account to submit your UTAP application upon completion of the course.

Note

• SSG subsidy is available for Singapore Citizens, Permanent Residents, and Corporates.
• All Singaporeans aged 25 and above can use their SkillsFuture Credit to pay. For more details, visit www.skillsfuture.gov.sg/credit
• An unfunded course fee can be claimed via SkillsFuture Credit or paid in cash.
• UTAP funding for NTUC Union Members is capped at $250 for 39 years and below and at $500 for 40 years and above.
• UTAP support amount will be paid to training provider first and claimed after end of class by learner.

Appeal Process

1. The candidate has the right to disagree with the assessment decision made by the assessor.
2. When giving feedback to the candidate, the assessor must check with the candidate if he agrees with the assessment outcome.
3. If the candidate agrees with the assessment outcome, the assessor & the candidate must sign the Assessment Summary Record.
4. If the candidate disagrees with the assessment outcome, he/she should not sign in the Assessment Summary Record.
5. If the candidate intends to appeal the decision, he/she should first discuss the matter with the assessor/assessment manager.
6. If the candidate is still not satisfied with the decision, the candidate must notify the assessor of the decision to appeal. The assessor will reflect the candidate’s intention in the Feedback Section of the Assessment Summary Record.
7. The assessor will notify the assessor manager about the candidate’s intention to lodge an appeal.
8. The candidate must lodge the appeal within 7 days, giving reasons for appeal 
9. The assessor can help the candidate with writing and lodging the appeal.
10. he assessment manager will collect information from the candidate & assessor and give a final decision.
11. A record of the appeal and any subsequent actions and findings will be made.
12. An Assessment Appeal Panel will be formed to review and give a decision.
13. The outcome of the appeal will be made known to the candidate within 2 weeks from the date the appeal was lodged.
14. The decision of the Assessment Appeal Panel is final and no further appeal will be entertained.
15. Please click the link below to fill up the Candidates Appeal Form.

• Identity and Access Administrator
• IT Security Specialist
• Microsoft Entra Specialist
• Systems Administrator
• Network Administrator
• Compliance Officer
• Data Protection Officer
• Cloud Security Analyst
• Risk Management Specialist
• IT Project Manager
• Security Consultant
• IT Auditor
• Identity Solutions Architect
• Cybersecurity Analyst
• Access Control Technician
• Security Operations Center (SOC) Analyst
• Information Security Manager
• IT Governance Specialist
• Privileged Access Manager
• Identity Management Engineer

Sanjiv Venkatram: Sanjiv Venkatram is an experienced IT consultant and Microsoft-certified professional specializing in Azure infrastructure, cloud security, and enterprise identity management. With a strong background in digital transformation and systems integration, he has helped organizations implement secure cloud environments leveraging Microsoft 365 and Azure Active Directory. His hands-on expertise in managing authentication protocols, access governance, and identity lifecycle automation positions him as a trusted specialist in cloud-based access control.

As a Microsoft-certified Azure Fundamentals holder, Sanjiv brings both technical and strategic perspectives to his training. In “Microsoft Identity and Access Administrator (SC-300),” he equips learners with the skills to design, implement, and manage secure identity solutions in hybrid environments. His teaching focuses on real-world applications—covering access policies, conditional access, and identity governance—ensuring participants gain practical mastery of Microsoft’s security framework for modern enterprises.

Agus Salim: Agus Salim is a cybersecurity and cloud infrastructure engineer with over a decade of experience managing enterprise networks, cloud security, and identity access systems. Currently a TAC Engineer at Check Point Software Technologies, he specializes in troubleshooting and securing hybrid environments that integrate Microsoft Azure, AWS, and on-premises solutions. His professional certifications—including CompTIA Security+, Microsoft Azure Administrator, and AWS Cloud Practitioner—reflect a deep technical understanding of cloud identity management and threat mitigation.

In “Microsoft Identity and Access Administrator (SC-300),” Agus applies his extensive field experience to guide learners through the implementation of robust identity frameworks. His training emphasizes best practices in managing privileged access, enforcing zero-trust models, and securing user identities across cloud services. He helps participants understand how to integrate security policies and governance into daily operations, aligning theory with real-world cybersecurity needs.

Gollapalli Rajendra Kishnan: Gollapalli Rajendra Kishnan is a Microsoft Certified Trainer and Azure Data Scientist with over 20 years of experience across cloud technologies, AI, and enterprise systems. With a Master’s degree in Computer Applications, he has delivered training and consultancy projects across Asia for clients including SAP, Accenture, Singapore Power, and Wipro. His technical expertise spans Azure Machine Learning, Azure Data Engineering, and Power Platform solutions, along with SAP HANA and BTP integration.

Kishan brings a data-centric approach to identity management, combining his deep knowledge of Azure ecosystems with modern governance frameworks. In “Microsoft Identity and Access Administrator (SC-300),” he helps professionals master Azure Active Directory and Microsoft Entra capabilities, teaching them to implement secure authentication, role-based access control, and compliance-driven identity solutions. His sessions emphasize hands-on labs and applied learning for enterprise-ready security administration.

Alec Tan Chee Wee: Alec Tan Chee Wee is a certified IT trainer and systems engineer with over 20 years of experience in IT infrastructure, server management, and cloud operations. He holds multiple CompTIA certifications (A+, Network+, Server+) and a WSQ Advanced Certificate in Learning and Performance (ACLP). His professional journey includes managing enterprise networks, automating system workflows, and training corporate teams in Microsoft 365, cloud fundamentals, and cybersecurity.

In “Microsoft Identity and Access Administrator (SC-300),” Alec delivers practical, scenario-based instruction on configuring identity solutions and managing user access across hybrid systems. His hands-on approach helps learners build confidence in implementing conditional access, identity synchronization, and compliance monitoring. Alec’s experience in both technical support and adult learning ensures that participants gain both conceptual clarity and practical competence in identity administration.

Bernard Peh: Bernard Peh is a data scientist, financial technologist, and ACLP-certified trainer with over 25 years of experience in analytics, data engineering, and cloud architecture. As a senior partner at BigDataVC, he specializes in deploying secure, data-driven infrastructures for financial and enterprise clients. His extensive background in SQL, Power BI, and Microsoft Azure solutions positions him at the intersection of data governance and cloud security.

In “Microsoft Identity and Access Administrator (SC-300),” Bernard focuses on equipping learners with a holistic understanding of data protection and access management in the Azure ecosystem. He teaches how to implement and monitor identity solutions that safeguard data integrity and regulatory compliance. His sessions combine technical depth with real-world insights, empowering professionals to strengthen organizational security through effective identity and access controls.