Course Description
The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization's identity and access management systems using Azure AD. Learn how to manage tasks, such as providing secure access with authentication and authorization to business applications. You'll also learn how to provide simple experiences and self-service management capabilities for all users. Finally, learn how to create adaptive access and governance for identity and access management solutions, ensuring you can troubleshoot, monitor, and report on your environment. The identity and access administrator can be a single person or a member of a larger team. Learn how this role collaborates with many other roles in the organization to drive strategic identity projects. The ultimate goal is to provide insights to modernize identity solutions, implement hybrid identity solutions, and implement identity governance.
Audience profile
This course is intended for identity and access administrators who plan to take the associated certification exam or who perform identity and access management tasks in their daily work. This course would also be useful for an administrator or engineer who wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization.
Items in this collection
- Identity and Azure AD exploration (16 Units)
- Deploy initial Azure Active Directory configuration (11 Units)
- Create, configure and manage identities (14 Units)
- Implementation and administration of external identities (16 Units)
- Implementation and administration of a hybrid identity (11 Units)
- Protecting Azure Active Directory users with Multi-Factor Authentication (6 Units)
- Manage user authentication (12 Units)
- Planning, implementation and administration of conditional access (13 Units)
- Azure AD Identity Protection Administration (10 Units)
- Implementation of access management for Azure resources (11 Units)
- Planning and design of the integration of business applications for SSO (10 Units)
- Implementation and supervision of the integration of business applications for single sign-on (10 Units)
- Implementation of application registration (11 Units)
- Planning and implementation of rights administration (10 Units)
- Planning, implementation and administration of access review (9 Units)
- Planning and implementation of privileged access (11 Units)
- Monitoring and maintenance of Azure Active Directory (9 Units)
Course outline
Module 1: Implement an identity management solution
- Implement Initial configuration of Azure AD
- Create, configure, and manage identities
- Implement and manage external identities
- Implement and manage hybrid identity
Lab: Manage user roles
Lab: Setting tenant-wide properties
Lab: Assign licenses to users
Lab: Restore or remove deleted users
Lab: Add groups in Azure AD
Lab: Change group license assignments
Lab: Change user license assignments
Lab: Configure external collaboration
Lab: Add guest users to the directory
Lab: Explore dynamic groups
Module 2: Implement an authentication and access management solution
- Secure Azure AD user with MFA
- Manage user authentication
- Plan, implement, and administer conditional access
- Manage Azure AD identity protection
Lab: Enable Azure AD MFA
Lab: Configure and deploy self-service password reset (SSPR)
Lab: Work with security defaults
Lab: Implement conditional access policies, roles, and assignments
Lab: Configure authentication session controls
Lab: Manage Azure AD smart lockout values
Lab: Enable sign-in risk policy
Lab: Configure Azure AD MFA authentication registration policy
Module 3: Implement access management for Apps
- Plan and design the integration of enterprise for SSO
- Implement and monitor the integration of enterprise apps for SSO
- Implement app registration
Lab: Implement access management for apps
Lab: Create a custom role to manage app registration
Lab: Register an application
Lab: Grant tenant-wide admin consent to an application
Lab: Add app roles to applications and receive tokens
Module 4: Plan and implement an identity governance strategy
- Plan and implement entitlement management
- Plan, implement, and manage access reviews
- Plan and implement privileged access
- Monitor and maintain Azure AD
Lab: Create and manage a resource catalog with Azure AD entitlement
Lab: Add terms of use acceptance report
Lab: Manage the lifecycle of external users with Azure AD identity governance
Lab: Create access reviews for groups and apps
Lab: Configure PIM for Azure AD roles
Lab: Assign Azure AD role in PIM
Lab: Assign Azure resource roles in PIM
Lab: Connect data from Azure AD to Azure Sentinel
Previous requirements
Before attending this course, students must have knowledge of:
- Security best practices and industry security requirements, such as defense in depth, least privilege access, shared responsibility, and zero trust
- Become familiar with identity concepts such as authentication, authorization, and Active Directory
- Have some experience deploying Azure workloads This course does not cover the basics of Azure administration, rather the course content builds on that knowledge by adding specific security information.
- Some experience with Windows and Linux operating systems and scripting languages is helpful, but not necessary. Course labs can use PowerShell and the CLI.
Language
- English course
- Labs: English
