Book Image

Microsoft Identity and Access Administrator Exam Guide

By : Dwayne Natwick
Book Image

Microsoft Identity and Access Administrator Exam Guide

By: Dwayne Natwick

Overview of this book

Cloud technologies have made identity and access the new control plane for securing data. Without proper planning and discipline in deploying, monitoring, and managing identity and access for users, administrators, and guests, you may be compromising your infrastructure and data. This book is a preparation guide that covers all the objectives of the SC-300 exam, while teaching you about the identity and access services that are available from Microsoft and preparing you for real-world challenges. The book starts with an overview of the SC-300 exam and helps you understand identity and access management. As you progress to the implementation of IAM solutions, you’ll learn to deploy secure identity and access within Microsoft 365 and Azure Active Directory. The book will take you from legacy on-premises identity solutions to modern and password-less authentication solutions that provide high-level security for identity and access. You’ll focus on implementing access and authentication for cloud-only and hybrid infrastructures as well as understand how to protect them using the principles of zero trust. The book also features mock tests toward the end to help you prepare effectively for the exam. By the end of this book, you’ll have learned how to plan, deploy, and manage identity and access solutions for Microsoft and hybrid infrastructures.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Identity and Access Administrator Exam Guide
Dwayne Natwick
Mar, 2022 | 452 pages
Small book image
Microsoft Cybersecurity Architect Exam Ref SC-100
Dwayne Natwick
Jan, 2023 | 272 pages
Small book image
Microsoft 365 Identity and Services Exam Guide MS-100
Aaron Guilmette
Jun, 2023 | 462 pages
Small book image
Microsoft 365 Security, Compliance, and Identity Administration
Peter Rising
Aug, 2023 | 630 pages
Table of Contents (24 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Section 1 – Exam Overview and the Evolution of Identity and Access Management
Section 1 – Exam Overview and the Evolution of Identity and Access Management
Free Chapter
2
Chapter 1: Preparing for Your Microsoft Exam
Chapter 1: Preparing for Your Microsoft Exam
Technical requirements
Preparing for a Microsoft exam
Resources available and accessing Microsoft Learn
Creating a Microsoft 365 trial subscription
Exam objectives
Who should take the SC-300 exam?
Summary
3
Chapter 2: Defining Identity and Access Management
Chapter 2: Defining Identity and Access Management
Understanding IAM
Learning identity and access use cases
Understanding the scope of IAM
The evolution of IAM
Summary
4
Section 2 - Implementing an Identity Management Solution
Section 2 - Implementing an Identity Management Solution
5
Chapter 3: Implementing and Configuring Azure Active Directory
Chapter 3: Implementing and Configuring Azure Active Directory
Technical requirements
Configuring and managing AAD roles
Configuring and managing custom domains
Configuring and managing device registration options
Configuring tenant-wide settings
Summary
6
Chapter 4: Creating, Configuring, and Managing Identities
Chapter 4: Creating, Configuring, and Managing Identities
Technical requirements
Creating, configuring, and managing users
Creating, configuring, and managing groups
Managing licenses
Summary
7
Chapter 5: Implementing and Managing External Identities and Guests
Chapter 5: Implementing and Managing External Identities and Guests
Technical requirements
Managing external collaboration settings in Azure AD
Inviting external users individually and in bulk
Managing external user accounts in Azure AD
Configuring identity providers
Summary
8
Chapter 6: Implementing and Managing Hybrid Identities
Chapter 6: Implementing and Managing Hybrid Identities
Technical requirements
Implementing and managing Azure AD Connect
Implementing and managing seamless SSO
Implementing and managing Azure AD Connect Health
Troubleshooting sync errors
Summary
9
Section 3 – Implementing an Authentication and Access Management Solution
Section 3 – Implementing an Authentication and Access Management Solution
10
Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
Technical requirements
Planning an Azure MFA deployment
Implementing and managing MFA settings
Configuring and deploying SSPR
Deploying and managing password protection
Planning and implementing security defaults
Summary
11
Chapter 8: Planning and Managing Password-Less Authentication Methods
Chapter 8: Planning and Managing Password-Less Authentication Methods
Technical requirements
Administering authentication methods (FIDO2/passwordless)
Implementing an authentication solution based on Windows Hello for Business
Implementing an authentication solution with the Microsoft Authenticator app
Summary
12
Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
Technical requirements
Planning and implementing Conditional Access policies and controls
Configuring Smart Lockout thresholds
Implementing and managing a user risk policy
Monitoring, investigating, and remediating elevated risky users
Summary
13
Section 4 – Implementing Access Management for Applications
Section 4 – Implementing Access Management for Applications
14
Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
Technical requirements
Designing and implementing access management and SSO for apps
Integrating on-premises apps using Azure AD Application Proxy
Planning your line-of-business application registration strategy
Implementing application registrations
Planning and configuring multi-tier application permissions
Summary
15
Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
Technical requirements
Planning your cloud application strategy
Implementing cloud app security policies
Planning and configuring cloud application permissions
Discovering apps by using Microsoft Defender for Cloud Apps or an ADFS app report
Using Microsoft Defender for Cloud Apps to manage application access
Summary
16
Section 5 – Planning and Implementing an Identity Governance Strategy
Section 5 – Planning and Implementing an Identity Governance Strategy
17
Chapter 12: Planning and Implementing Entitlement Management
Chapter 12: Planning and Implementing Entitlement Management
Technical requirements
Defining catalogs and access packages
Planning, implementing, and managing entitlements
Implementing and managing terms of use
Managing the life cycle of external users in Azure AD Identity Governance settings
Summary
18
Chapter 13: Planning and Implementing Privileged Access and Access Reviews
Chapter 13: Planning and Implementing Privileged Access and Access Reviews
Technical requirements
Defining a privileged access strategy for administrative users
Configuring PIM for Azure AD roles and Azure resources
Creating and managing break-glass accounts
Planning for and automating access reviews
Analyzing PIM audit history and reports
Summary
19
Section 6 – Monitoring and Maintaining Azure Active Directory
Section 6 – Monitoring and Maintaining Azure Active Directory
20
Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
Technical requirements
Analyzing and investigating sign-in logs to troubleshoot access issues
Reviewing and monitoring Azure AD audit logs
Analyzing Azure Active Directory workbooks and reporting
Summary
21
Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions
Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions
Technical requirements
Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel
Exporting sign-in and audit logs to a third-party SIEM
Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel
Summary
22
Chapter 16: Mock Test
Chapter 16: Mock Test
Questions
Answers
Summary
Why subscribe?
23
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

The previous chapter covered how to analyze, review, and investigate our logs and events to protect against risky sign-ins and elevated-risk users. This included creating reports and reviewing insights for user activity to recognize potential vulnerabilities and alert against possible threats. In this chapter, we will discuss how to integrate and enable the use of these logs with Microsoft Sentinel or a third-party security incident and event management (SIEM) solution. This will include how to use Log Analytics with Kusto queries to review activity in Microsoft Sentinel.

In this chapter, we're going to cover the following main topics:

  • Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel
  • Exporting sign-in and audit logs to a third-party SIEM
  • Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel
Previous Section
End of Section 1
Next Section