Book Image

Microsoft Identity and Access Administrator Exam Guide

By : Dwayne Natwick
Book Image

Microsoft Identity and Access Administrator Exam Guide

By: Dwayne Natwick

Overview of this book

Cloud technologies have made identity and access the new control plane for securing data. Without proper planning and discipline in deploying, monitoring, and managing identity and access for users, administrators, and guests, you may be compromising your infrastructure and data. This book is a preparation guide that covers all the objectives of the SC-300 exam, while teaching you about the identity and access services that are available from Microsoft and preparing you for real-world challenges. The book starts with an overview of the SC-300 exam and helps you understand identity and access management. As you progress to the implementation of IAM solutions, you’ll learn to deploy secure identity and access within Microsoft 365 and Azure Active Directory. The book will take you from legacy on-premises identity solutions to modern and password-less authentication solutions that provide high-level security for identity and access. You’ll focus on implementing access and authentication for cloud-only and hybrid infrastructures as well as understand how to protect them using the principles of zero trust. The book also features mock tests toward the end to help you prepare effectively for the exam. By the end of this book, you’ll have learned how to plan, deploy, and manage identity and access solutions for Microsoft and hybrid infrastructures.
Table of Contents (24 chapters)
1
Section 1 – Exam Overview and the Evolution of Identity and Access Management
4
Section 2 - Implementing an Identity Management Solution
9
Section 3 – Implementing an Authentication and Access Management Solution
13
Section 4 – Implementing Access Management for Applications
16
Section 5 – Planning and Implementing an Identity Governance Strategy
19
Section 6 – Monitoring and Maintaining Azure Active Directory

Defining a privileged access strategy for administrative users

In the previous chapter, we discussed Identity Governance as it pertains to user access packages for applications and SharePoint sites. A major area of identity governance that we need to manage is privileged access based on administrative user accounts. Within this book, we have identified administrator roles necessary for managing services within Azure AD. As we continue to add and activate these administrative roles within our tenant, we begin to increase the attack surface in that someone who gains unauthorized access to a compromised account may have elevated privileges.

As identity and access administrators, it is our duty to protect and defend this layer through utilizing the concepts of zero trust and the principle of least privilege to assign and manage these administrator accounts. You should have a clear strategy with defined job tasks for every administrator account to plan for the proper assignment of...