Seminarinhalt
Programm
- Explain the identity landscape
- Explore zero trust with identity
- Discuss identity as a control plane
- Explore why we have identity
- Define identity administration
- Contrast decentralized identity with central identity systems
- Discuss identity management solutions
- Explain Azure AD Business to Business
- Compare Microsoft identity providers
- Define identity licensing
- Explore authentication
- Discuss authorization
- Explain auditing in identity
- Configure company brand
- Configure and manage Azure Active Directory roles
- Exercise manage users roles
- Configure delegation by using administrative units
- Analyze Azure AD role permissions
- Configure and manage custom domains
- Configure tenant-wide setting
- Create, configure, and manage users
- Exercise - assign licenses to users
- Exercise - restore or remove deleted users
- Create, configure, and manage groups
- Exercise - add groups in Azure Active Directory
- Configure and manage device registration
- Manage licenses
- Exercise - change group license assignments
- Exercise - change user license assignments
- Create custom security attributes
- Explore automatic user creation
- Describe guest access and Business to Business accounts
- Manage external collaboration
- Exercise - configure external collaboration
- Invite external users - individually and in bulk
- Exercise - add guest users to directory
- Exercise - invite guest users bulk
- Demo - manage guest users in Azure Active Directory
- Manage external user accounts in Azure Active Directory
- Manage external users in Microsoft 365 workloads
- Implement cross-tenant access controls
- Configure identity providers
- Implement and manage Entra Verified ID
- Plan, design, and implement Azure Active Directory Connect
- Implement manage password hash synchronization (PHS)
- Implement manage pass-through authentication (PTA)
- Demo - Manage pass-through authentication and seamless single sign-on (SSO)
- Implement and manage federation
- Trouble-shoot synchronization errors
- Implement Azure Active Directory Connect Health
- Manage Azure Active Directory Connect Health
- What is Azure AD Multi-Factor Authentication?
- Plan your multi-factor authentication deployment
- Exercise - Enable Azure AD Multi-Factor Authentication
- Configure multi-factor authentication methods
- Administer FIDO2 and passwordless authentication methods
- Explore Authenticator app and OATH tokens
- Implement an authentication solution based on Windows Hello for Business
- Exercise configure and deploy self-service password reset
- Deploy and manage password protection
- Configure smart lockout thresholds
- Exercise - Manage Azure Active Directory smart lockout values
- Implement Kerberos and certificate-based authentication in Azure AD
- Configure Azure AD user authentication for virtual machines
- Plan security defaults
- Exercise - Work with security defaults
- Plan Conditional Access policies
- Implement Conditional Access policy controls and assignments
- Exercise - Implement Conditional Access policies roles and assignments
- Test and troubleshoot Conditional Access policies
- Implement application controls
- Implement session management
- Exercise - Configure authentication session controls
- Implement continuous access evaluation
- Assign Azure roles
- Configure custom Azure roles
- Create and configure managed identities
- Access Azure resources with managed identities
- Analyze Azure role permissions
- Configure Azure Key Vault RBAC policies
- Retrieve objects from Azure Key Vault
- Explore Entra Permissions Management (CloudKnox)
- Discover apps by using Microsoft Defender for Cloud Apps and Active Directory Federation Services app report
- Configure connectors to apps
- Exercise implement access management for apps
- Design and implement app management roles
- Exercise create a custom role to manage app registration
- Configure pre-integrated gallery SaaS apps
- Implement and manage policies for OAuth apps
- Implement token customizations
- Implement and configure consent settings
- Integrate on-premises apps by using Azure Active Directory application proxy
- Integrate custom SaaS apps for single-sign-on
- Implement application user provisioning
- Monitor and audit access to Azure Active Directory integrated applications
- Create and manage application collections
- Plan your line of business application registration strategy
- Implement application registration
- Exercise register an application
- Configure application permission
- Exercise grant tenant-wide admin consent to an application
- Implement application authorization
- Exercise add app roles to application and receive tokens
- Manage and monitor application with App governance
- Define access packages
- Exercise create and manage a resource catalog with Azure AD entitlement
- Configure entitlement managemen
- Exercise add terms of use acceptance report
- Exercise manage the lifecycle of external users with Azure AD identity governance
- Configure and manage connected organizations
- Review per-user entitlements
- Plan for access reviews
- Create access reviews for groups and apps
- Create and configure access review programs
- Monitor access review findings
- Automate access review management tasks
- Configure recurring access reviews
- Define a privileged access strategy for administrative users
- Configure Privileged Identity Management for Azure resources
- Exercise configure Privileged Identity Management for Azure Active Directory roles
- Exercise assign Azure Active Directory roles in Privileged Identity Management
- Exercise assign Azure resource roles in Privileged Identity Management
- Plan and configure Privileged Access Groups
- Analyze Privileged Identity Management audit history and reports
- Create and manage emergency access accounts
- Analyze and investigate sign-in logs to troubleshoot access issues
- Review and monitor Azure Active Directory audit logs
- Exercise connect data from Azure Active Directory to Microsoft Sentinel
- Export logs to third-party security information and event management system
- Analyze Azure Active Directory workbooks and reporting
- Monitor security posture with Identity Secure Score
Zielgruppen
Vorkenntnisse
- Bewährte Sicherheitspraktiken und branchenübliche Sicherheitsanforderungen wie tiefgehende Verteidigung, Zugriff mit geringstmöglichen Rechten, gemeinsame Verantwortung und Zero Trust-Modell
- Vertrautheit mit Identitätskonzepten wie Authentifizierung, Autorisierung und Active Directory
- Erfahrung mit der Bereitstellung von Azure-Workloads Dieser Kurs behandelt nicht die Grundlagen der Azure-Verwaltung, sondern der Kursinhalt baut auf diesem Wissen auf und vermittelt weitere sicherheitsspezifische Informationen.
- Erfahrung mit Windows- und Linux-Betriebssystemen und Skriptsprachen ist hilfreich, aber nicht erforderlich. Kurslabs können PowerShell und die CLI verwenden.
Bestandteil von
Wichtige Information
HINWEIS:
Um während des Trainings an den Übungen teilnehmen zu können, ist eine Multi-Faktor-Authentifizierung (MFA) erforderlich. Dafür benötigen Sie ein Mobiltelefon und eine Authentifizierungs-App. Wir empfehlen die kostenlose Microsoft Mobile Phone Authenticator App.
Download Microsoft Mobile Phone Authenticator App.
Set up your Microsoft 365 sign-in for multi-factor authentication.
Sehr interessante Schulung und Themen, welche für das Unternehmen übernommen werden können
Microsoft Identity and Access Administrator
12.09.2024Sehr interessante Schulung und Themen, welche für das Unternehmen übernommen werden können
— Andreas J.TIP TOP Kurs
Microsoft Identity and Access Administrator
01.08.2024TIP TOP Kurs
— Manuel B.