Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Microsoft Identity and Access Administrator Exam Guide
  • Table Of Contents Toc
Microsoft Identity and Access Administrator Exam Guide

Microsoft Identity and Access Administrator Exam Guide

By : Dwayne Natwick
4.7 (12)
Buy this Book
close
close
Microsoft Identity and Access Administrator Exam Guide

Microsoft Identity and Access Administrator Exam Guide

4.7 (12)
By: Dwayne Natwick
Buy this Book

Overview of this book

Cloud technologies have made identity and access the new control plane for securing data. Without proper planning and discipline in deploying, monitoring, and managing identity and access for users, administrators, and guests, you may be compromising your infrastructure and data. This book is a preparation guide that covers all the objectives of the SC-300 exam, while teaching you about the identity and access services that are available from Microsoft and preparing you for real-world challenges. The book starts with an overview of the SC-300 exam and helps you understand identity and access management. As you progress to the implementation of IAM solutions, you’ll learn to deploy secure identity and access within Microsoft 365 and Azure Active Directory. The book will take you from legacy on-premises identity solutions to modern and password-less authentication solutions that provide high-level security for identity and access. You’ll focus on implementing access and authentication for cloud-only and hybrid infrastructures as well as understand how to protect them using the principles of zero trust. The book also features mock tests toward the end to help you prepare effectively for the exam. By the end of this book, you’ll have learned how to plan, deploy, and manage identity and access solutions for Microsoft and hybrid infrastructures.
Table of Contents (24 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
1
Section 1 – Exam Overview and the Evolution of Identity and Access Management
Icon
Section 1 – Exam Overview and the Evolution of Identity and Access Management
Lock Free Chapter
2
Chapter 1: Preparing for Your Microsoft Exam
Icon
Chapter 1: Preparing for Your Microsoft Exam
Icon
Technical requirements
Icon
Preparing for a Microsoft exam
Icon
Resources available and accessing Microsoft Learn
Icon
Creating a Microsoft 365 trial subscription
Icon
Exam objectives
Icon
Who should take the SC-300 exam?
Icon
Summary
3
Chapter 2: Defining Identity and Access Management
Icon
Chapter 2: Defining Identity and Access Management
Icon
Understanding IAM
Icon
Learning identity and access use cases
Icon
Understanding the scope of IAM
Icon
The evolution of IAM
Icon
Summary
4
Section 2 - Implementing an Identity Management Solution
Icon
Section 2 - Implementing an Identity Management Solution
5
Chapter 3: Implementing and Configuring Azure Active Directory
Icon
Chapter 3: Implementing and Configuring Azure Active Directory
Icon
Technical requirements
Icon
Configuring and managing AAD roles
Icon
Configuring and managing custom domains
Icon
Configuring and managing device registration options
Icon
Configuring tenant-wide settings
Icon
Summary
6
Chapter 4: Creating, Configuring, and Managing Identities
Icon
Chapter 4: Creating, Configuring, and Managing Identities
Icon
Technical requirements
Icon
Creating, configuring, and managing users
Icon
Creating, configuring, and managing groups
Icon
Managing licenses
Icon
Summary
7
Chapter 5: Implementing and Managing External Identities and Guests
Icon
Chapter 5: Implementing and Managing External Identities and Guests
Icon
Technical requirements
Icon
Managing external collaboration settings in Azure AD
Icon
Inviting external users individually and in bulk
Icon
Managing external user accounts in Azure AD
Icon
Configuring identity providers
Icon
Summary
8
Chapter 6: Implementing and Managing Hybrid Identities
Icon
Chapter 6: Implementing and Managing Hybrid Identities
Icon
Technical requirements
Icon
Implementing and managing Azure AD Connect
Icon
Implementing and managing seamless SSO
Icon
Implementing and managing Azure AD Connect Health
Icon
Troubleshooting sync errors
Icon
Summary
9
Section 3 – Implementing an Authentication and Access Management Solution
Icon
Section 3 – Implementing an Authentication and Access Management Solution
10
Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
Icon
Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
Icon
Technical requirements
Icon
Planning an Azure MFA deployment
Icon
Implementing and managing MFA settings
Icon
Configuring and deploying SSPR
Icon
Deploying and managing password protection
Icon
Planning and implementing security defaults
Icon
Summary
11
Chapter 8: Planning and Managing Password-Less Authentication Methods
chevron up
Icon
Chapter 8: Planning and Managing Password-Less Authentication Methods
Icon
Technical requirements
Icon
Administering authentication methods (FIDO2/passwordless)
Icon
Implementing an authentication solution based on Windows Hello for Business
Icon
Implementing an authentication solution with the Microsoft Authenticator app
Icon
Summary
12
Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
Icon
Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
Icon
Technical requirements
Icon
Planning and implementing Conditional Access policies and controls
Icon
Configuring Smart Lockout thresholds
Icon
Implementing and managing a user risk policy
Icon
Monitoring, investigating, and remediating elevated risky users
Icon
Summary
13
Section 4 – Implementing Access Management for Applications
Icon
Section 4 – Implementing Access Management for Applications
14
Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
Icon
Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
Icon
Technical requirements
Icon
Designing and implementing access management and SSO for apps
Icon
Integrating on-premises apps using Azure AD Application Proxy
Icon
Planning your line-of-business application registration strategy
Icon
Implementing application registrations
Icon
Planning and configuring multi-tier application permissions
Icon
Summary
15
Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
Icon
Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
Icon
Technical requirements
Icon
Planning your cloud application strategy
Icon
Implementing cloud app security policies
Icon
Planning and configuring cloud application permissions
Icon
Discovering apps by using Microsoft Defender for Cloud Apps or an ADFS app report
Icon
Using Microsoft Defender for Cloud Apps to manage application access
Icon
Summary
16
Section 5 – Planning and Implementing an Identity Governance Strategy
Icon
Section 5 – Planning and Implementing an Identity Governance Strategy
17
Chapter 12: Planning and Implementing Entitlement Management
Icon
Chapter 12: Planning and Implementing Entitlement Management
Icon
Technical requirements
Icon
Defining catalogs and access packages
Icon
Planning, implementing, and managing entitlements
Icon
Implementing and managing terms of use
Icon
Managing the life cycle of external users in Azure AD Identity Governance settings
Icon
Summary
18
Chapter 13: Planning and Implementing Privileged Access and Access Reviews
Icon
Chapter 13: Planning and Implementing Privileged Access and Access Reviews
Icon
Technical requirements
Icon
Defining a privileged access strategy for administrative users
Icon
Configuring PIM for Azure AD roles and Azure resources
Icon
Creating and managing break-glass accounts
Icon
Planning for and automating access reviews
Icon
Analyzing PIM audit history and reports
Icon
Summary
19
Section 6 – Monitoring and Maintaining Azure Active Directory
Icon
Section 6 – Monitoring and Maintaining Azure Active Directory
20
Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
Icon
Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
Icon
Technical requirements
Icon
Analyzing and investigating sign-in logs to troubleshoot access issues
Icon
Reviewing and monitoring Azure AD audit logs
Icon
Analyzing Azure Active Directory workbooks and reporting
Icon
Summary
21
Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions
Icon
Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions
Icon
Technical requirements
Icon
Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel
Icon
Exporting sign-in and audit logs to a third-party SIEM
Icon
Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel
Icon
Summary
22
Chapter 16: Mock Test
Icon
Chapter 16: Mock Test
Icon
Questions
Icon
Answers
Icon
Summary
Icon
Why subscribe?
23
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts

Implementing an authentication solution based on Windows Hello for Business

In the previous section on passwordless authentication, we discussed how Windows Hello can be used by Windows 10 users for authentication by utilizing facial recognition. Windows Hello for Business allows the company to require users of Windows 10 devices to use this as the required authentication and monitor users. In this section, you will learn how to implement Windows Hello for Business as the authentication solution. Windows Hello for Business is configured within the Windows Active Directory domain controller, not Azure AD.

To implement Windows Hello for Business, multiple security groups are required. These security groups are the KeyCredential Admins security group and the Windows Hello for Business Users security group. If you are in a hybrid architecture with Windows Server 2016 domain controllers, the KeyCredential Admins group is created when you install the domain controller.

If your hybrid...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Microsoft Identity and Access Administrator Exam Guide
End of Section 11
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon