Book Image

Microsoft Identity and Access Administrator Exam Guide

By : Dwayne Natwick
Book Image

Microsoft Identity and Access Administrator Exam Guide

By: Dwayne Natwick

Overview of this book

Cloud technologies have made identity and access the new control plane for securing data. Without proper planning and discipline in deploying, monitoring, and managing identity and access for users, administrators, and guests, you may be compromising your infrastructure and data. This book is a preparation guide that covers all the objectives of the SC-300 exam, while teaching you about the identity and access services that are available from Microsoft and preparing you for real-world challenges. The book starts with an overview of the SC-300 exam and helps you understand identity and access management. As you progress to the implementation of IAM solutions, you’ll learn to deploy secure identity and access within Microsoft 365 and Azure Active Directory. The book will take you from legacy on-premises identity solutions to modern and password-less authentication solutions that provide high-level security for identity and access. You’ll focus on implementing access and authentication for cloud-only and hybrid infrastructures as well as understand how to protect them using the principles of zero trust. The book also features mock tests toward the end to help you prepare effectively for the exam. By the end of this book, you’ll have learned how to plan, deploy, and manage identity and access solutions for Microsoft and hybrid infrastructures.
Table of Contents (24 chapters)
1
Section 1 – Exam Overview and the Evolution of Identity and Access Management
4
Section 2 - Implementing an Identity Management Solution
9
Section 3 – Implementing an Authentication and Access Management Solution
13
Section 4 – Implementing Access Management for Applications
16
Section 5 – Planning and Implementing an Identity Governance Strategy
19
Section 6 – Monitoring and Maintaining Azure Active Directory

Planning and implementing security defaults

Microsoft provides security defaults within Azure Active Directory to assist companies that are new to Azure AD and Microsoft's cloud in protecting identities. In new tenants, security defaults are already turned on and in place, so there isn't any planning and implementation required. However, there are situations where security defaults will need to be turned off as more advanced identity protection solutions are enabled, such as Conditional Access policies. To access security defaults, navigate to Azure AD, scroll down under Manage in the left menu to Properties, and then scroll down in the Properties tile to Manage Security defaults, as shown in Figure 7.29:

Figure 7.29 – Manage security defaults

Security defaults provide basic identity security settings to the entire tenant and are very helpful in protecting a company. These settings include the following:

  • Requiring all users to register...