Preface

This book simplifies identity and access management (IAM) concepts to help you pass the SC-300 certification exam. Packed with practical examples, you'll gain hands-on knowledge to drive strategic identity projects while modernizing identity solutions, implementing hybrid identity solutions, and monitoring identity governance.

Who this book is for

This book is for cloud security engineers, Microsoft 365 administrators, Microsoft 365 users, Microsoft 365 identity administrators, and anyone who wants to learn about IAM and gain SC-300 certification. You should have a basic understanding of the fundamental services within Microsoft 365 and Azure Active Directory before getting started with this Microsoft book.

What this book covers

Chapter 1, Preparing for Your Microsoft Exam, provides guidance on getting prepared for a Microsoft exam along with resources that can assist in your learning plan. This will include helpful links along with steps for gaining access to a trial Microsoft 365 subscription for hands-on practice.

Chapter 2, Defining Identity and Access Management, provides an overview of what IAM is and why it is important. This chapter will also discuss the evolution of IAM as cloud technologies have become more prevalent.

Chapter 3, Implementing and Configuring Azure Active Directory, focuses on the implementation and configuration of Azure Active Directory for cloud identities. This will include how to configure and verify custom domains and tenant-wide settings.

Chapter 4, Creating, Configuring, and Managing Identities, discusses how to plan, create, configure, and manage users, groups, and licenses within Azure Active Directory. This will include the bulk creation of users and dynamic group creation.

Chapter 5, Implementing and Managing External Identities and Guests, discusses how to plan and provide guest user access to Azure Active Directory. This will include how to invite guest users and how to manage access. The chapter will also discuss utilizing existing user identities with B2B and B2C access.

Chapter 6, Implementing and Managing Hybrid Identities, focuses on the planning and implementation of hybrid identity. This will include configuration of Azure Active Directory Connect for Windows Active Directory to Azure Active Directory and determining which synchronization type is the best fit for an organization.

Chapter 7, Planning and Implementing Azure Multi-Factor Authentication and Self-Service Password Reset, discusses the planning and implementation of Azure MFA and SSPR for users and groups. This will include deploying, managing, and configuring MFA for users and groups. This chapter will also cover the differences between verifying identity with MFA and SSPR.

Chapter 8, Planning and Managing Password-Less Authentication Methods, discusses how to plan and utilize password-less authentication methods. It will cover the various methods and how they can be deployed within Azure Active Directory.

Chapter 9, Planning, Implementing, and Administering Conditional Access and Azure Identity Protection, covers conditional access policies. This will include planning for these policies and testing them to verify that they are working correctly and providing the proper controls. In addition, we will discuss Azure Identity Protection and using sign-in and user risk conditions with policies.

Chapter 10, Planning and Implementing Enterprise Apps for Single Sign-On (SSO), focuses on enterprise applications and how to plan and implement SSO. This will include setting up an application proxy for connecting on-premises applications to Azure Active Directory.

Chapter 11, Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps, discusses how Microsoft Defender for Cloud Apps is used to manage and monitor enterprise cloud applications. This includes how to utilize conditional access policies for cloud application access.

Chapter 12, Planning and Implementing Entitlement Management, discusses the planning and implementation process for entitlement management. This includes life cycle management for external users and managing the terms of use.

Chapter 13, Planning and Implementing Privileged Access and Access Reviews, discusses the planning and implementation for user privileged access. This will include how to determine and assign users with privileged access rights on a just-in-time basis. This chapter will also cover planning for access reviews.

Chapter 14, Analyzing and Investigating Sign-in Logs and Elevated Risk Users, discusses how to analyze and investigate sign-in logs and determine risks to elevated users.

Chapter 15, Enabling and Integrating Azure AD Logs with SIEM Solutions, discusses how Azure Active Directory logs can be integrated into SIEM solutions. This will include Azure Sentinel and third-party SIEM.

Chapter 16, Mock Test, provides a final assessment and mock exam questions to complete the final preparations to take the SC-300 exam.

To get the most out of this book

This book will explore configuring a tenant for use of Microsoft 365 and Azure. There will be exercises that will require access to Azure Active Directory. Chapter 1, Preparing for Your Microsoft Exam, provides directions for creating a trial license of Microsoft 365 and a free Azure account.

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://static.packt-cdn.com/downloads/9781801818049_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: By selecting the Download button, filtered data can then be downloaded to a .csv or .json file for up to 250,000 records.

Any command-line input or output is written as follows:

$PasswordProfile = New-Object -TypeName Microsoft.Open.

AzureAD.Model.PasswordProfile

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: The best way to obtain these features is through an Enterprise Mobility + Security (EMS) E5 license.

Tips or Important Notes

Appear like this.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Share Your Thoughts

Once you've read Microsoft Identity and Access Administrator Exam Guide, we'd love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.

Your review is important to us and the tech community and will help us make sure we're delivering excellent quality content.