Book Image

Microsoft Identity and Access Administrator Exam Guide

By : Dwayne Natwick
Book Image

Microsoft Identity and Access Administrator Exam Guide

By: Dwayne Natwick

Overview of this book

Cloud technologies have made identity and access the new control plane for securing data. Without proper planning and discipline in deploying, monitoring, and managing identity and access for users, administrators, and guests, you may be compromising your infrastructure and data. This book is a preparation guide that covers all the objectives of the SC-300 exam, while teaching you about the identity and access services that are available from Microsoft and preparing you for real-world challenges. The book starts with an overview of the SC-300 exam and helps you understand identity and access management. As you progress to the implementation of IAM solutions, you’ll learn to deploy secure identity and access within Microsoft 365 and Azure Active Directory. The book will take you from legacy on-premises identity solutions to modern and password-less authentication solutions that provide high-level security for identity and access. You’ll focus on implementing access and authentication for cloud-only and hybrid infrastructures as well as understand how to protect them using the principles of zero trust. The book also features mock tests toward the end to help you prepare effectively for the exam. By the end of this book, you’ll have learned how to plan, deploy, and manage identity and access solutions for Microsoft and hybrid infrastructures.
Table of Contents (24 chapters)
1
Section 1 – Exam Overview and the Evolution of Identity and Access Management
4
Section 2 - Implementing an Identity Management Solution
9
Section 3 – Implementing an Authentication and Access Management Solution
13
Section 4 – Implementing Access Management for Applications
16
Section 5 – Planning and Implementing an Identity Governance Strategy
19
Section 6 – Monitoring and Maintaining Azure Active Directory

Analyzing and investigating sign-in logs to troubleshoot access issues

In Chapter 9, Planning, Implementing, and Administering Conditional Access and Azure Identity Protection, we discussed how user and sign-in risk can be used as a condition for access and authorization to applications. Azure Identity Protection utilizes the activity logs to determine potential threats, vulnerabilities, and anomalous behavior among users. Sign-in logs are based on two types of reporting: activity and security.

Activity reporting within Microsoft shows what is taking place within the infrastructure. The various activities include the following:

  • Sign-ins, which is the usage information of managed applications and user sign-in activities within Azure AD or a hybrid identity architecture.
  • Audit logs that provide system activity for users and groups, managed applications, and directory activities.
  • Provisioning logs enable customers to monitor activity that pertains to the provisioning...