Home Page Icon
Home Page
Table of Contents for
Microsoft Identity and Access Administrator Exam Guide
Close
Microsoft Identity and Access Administrator Exam Guide
by Dwayne Natwick, Shannon Kuehn
Microsoft Identity and Access Administrator Exam Guide
Microsoft Identity and Access Administrator Exam Guide
Foreword
Contributors
About the author
About the reviewers
Preface
Section 1 – Exam Overview and the Evolution of Identity and Access Management
Chapter 1: Preparing for Your Microsoft Exam
Chapter 2: Defining Identity and Access Management
Section 2 - Implementing an Identity Management Solution
Chapter 3: Implementing and Configuring Azure Active Directory
Chapter 4: Creating, Configuring, and Managing Identities
Chapter 5: Implementing and Managing External Identities and Guests
Chapter 6: Implementing and Managing Hybrid Identities
Section 3 – Implementing an Authentication and Access Management Solution
Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
Chapter 8: Planning and Managing Password-Less Authentication Methods
Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
Section 4 – Implementing Access Management for Applications
Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
Section 5 – Planning and Implementing an Identity Governance Strategy
Chapter 12: Planning and Implementing Entitlement Management
Chapter 13: Planning and Implementing Privileged Access and Access Reviews
Section 6 – Monitoring and Maintaining Azure Active Directory
Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions
Chapter 16: Mock Test
Other Books You May Enjoy
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Microsoft Identity and Access Administrator Exam Guide
Next
Next Chapter
Preface
Table of Contents
Preface
Section 1 – Exam Overview and the Evolution of Identity and Access Management
Chapter 1
: Preparing for Your Microsoft Exam
Technical requirements
Preparing for a Microsoft exam
Resources available to prepare for the exam
Access to a subscription
Where to take the exam
Exam format
Resources available and accessing Microsoft Learn
Accessing Microsoft Learn
Finding content on Microsoft Learn
Exam pages on Microsoft Learn
Creating a Microsoft 365 trial subscription
Office 365 or Microsoft 365 trial subscription
Azure AD Premium subscription
Exam objectives
Who should take the SC-300 exam?
Summary
Chapter 2
: Defining Identity and Access Management
Understanding IAM
Identity
Access
Learning identity and access use cases
Shopping websites
Personal email accounts
Social media accounts
Company applications
Understanding the scope of IAM
Defining IAM
Principle of least privilege
The evolution of IAM
Traditional
Advanced
Optimal
Summary
Section 2 - Implementing an Identity Management Solution
Chapter 3
: Implementing and Configuring Azure Active Directory
Technical requirements
Configuring and managing AAD roles
Azure Active Directory tenant
Azure Active Directory roles
Planning and assigning roles
Configuring and managing custom domains
Adding and verifying a custom domain to set as the primary domain
Custom domains and sub-domains
Managing DNS and deleting a custom domain
Configuring and managing device registration options
Azure AD-registered devices
Azure AD-joined devices
Hybrid AD-joined devices
Configuring tenant-wide settings
Member and guest users
Managing security defaults
Summary
Chapter 4
: Creating, Configuring, and Managing Identities
Technical requirements
Creating, configuring, and managing users
Member users
Guest and external users
AD (hybrid) users
Creating, configuring, and managing groups
Microsoft 365 groups
Security groups
Specialty groups
Dynamic groups
Managing licenses
License requirements
License features
Assigning licenses
Summary
Chapter 5
: Implementing and Managing External Identities and Guests
Technical requirements
Managing external collaboration settings in Azure AD
B2B
B2C
Configuring external collaboration settings
Inviting external users individually and in bulk
Inviting guest users
Managing external user accounts in Azure AD
Managing guest user licenses
Password management
Multi-factor authentication
Configuring identity providers
Google configuration
Facebook configuration
Summary
Chapter 6
: Implementing and Managing Hybrid Identities
Technical requirements
Implementing and managing Azure AD Connect
Hybrid identity
Azure AD
Windows AD
Azure AD Connect
Implementing and managing seamless SSO
Implementing and managing Azure AD Connect Health
Troubleshooting sync errors
Summary
Section 3 – Implementing an Authentication and Access Management Solution
Chapter 7
: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
Technical requirements
Planning an Azure MFA deployment
What is MFA?
How does Azure AD MFA work?
What licenses include Azure AD MFA?
Azure authentication methods
Configuring Azure AD MFA
Implementing and managing MFA settings
Configuring and deploying SSPR
Deploying and managing password protection
Planning and implementing security defaults
Summary
Chapter 8
: Planning and Managing Password-Less Authentication Methods
Technical requirements
Administering authentication methods (FIDO2/passwordless)
Modern authentication for identity and access management
Implementing an authentication solution based on Windows Hello for Business
Implementing an authentication solution with the Microsoft Authenticator app
Summary
Chapter 9
: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
Technical requirements
Planning and implementing Conditional Access policies and controls
Zero-trust methodology
Conditional Access policies
Configuring Smart Lockout thresholds
Implementing and managing a user risk policy
Azure AD Identity Protection
Monitoring, investigating, and remediating elevated risky users
Summary
Section 4 – Implementing Access Management for Applications
Chapter 10
: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
Technical requirements
Designing and implementing access management and SSO for apps
Discovering apps with Microsoft Defender for Cloud Apps
Integrating on-premises apps using Azure AD Application Proxy
Planning your line-of-business application registration strategy
Implementing application registrations
Planning and configuring multi-tier application permissions
Summary
Chapter 11
: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
echnical requirements
Planning your cloud application strategy
Discovering apps with Microsoft Defender for Cloud Apps
Implementing cloud app security policies
Planning and configuring cloud application permissions
Discovering apps by using Microsoft Defender for Cloud Apps or an ADFS app report
Discovering apps with Microsoft Defender for Cloud Apps app report
Discovering apps with an ADFS app report
Using Microsoft Defender for Cloud Apps to manage application access
Discovered app scoring
Sanctioning and unsanctioning apps
Summary
Section 5 – Planning and Implementing an Identity Governance Strategy
Chapter 12
: Planning and Implementing Entitlement Management
Technical requirements
Defining catalogs and access packages
Catalogs
Access packages
Planning, implementing, and managing entitlements
Planning entitlements
Implementing entitlements
Managing entitlements
Implementing and managing terms of use
Managing the life cycle of external users in Azure AD Identity Governance settings
Access reviews
Summary
Chapter 13
: Planning and Implementing Privileged Access and Access Reviews
Technical requirements
Defining a privileged access strategy for administrative users
Configuring PIM for Azure AD roles and Azure resources
Creating and managing break-glass accounts
Planning for and automating access reviews
Analyzing PIM audit history and reports
Summary
Section 6 – Monitoring and Maintaining Azure Active Directory
Chapter 14
: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
Technical requirements
Analyzing and investigating sign-in logs to troubleshoot access issues
Reviewing and monitoring Azure AD audit logs
Analyzing Azure Active Directory workbooks and reporting
Summary
Chapter 15
: Enabling and Integrating Azure AD Logs with SIEM Solutions
Technical requirements
Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel
Exporting sign-in and audit logs to a third-party SIEM
Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel
Summary
Chapter 16
: Mock Test
Other Books You May Enjoy
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset