Microsoft identity and access administrator exam guide implement IAM solutions with azure AD, build an identity governance strategy, and pass the SC-300 exam
This certification guide focuses on identity solutions and strategies that will help you prepare for Microsoft Identity and Access Administrator certification, while enabling you to implement what you've learned in real-world scenarios. Cloud technologies have made identity and access the new c...
| Otros Autores: | , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham, England ; Mumbai :
Packt Publishing
[2022]
|
| Edición: | [First edition] |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009655509606719 |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright and Credits
- Foreword
- Contributors
- Table of Contents
- Preface
- Section 1 - Exam Overview and the Evolution of Identity and Access Management
- Chapter 1: Preparing for Your Microsoft Exam
- Technical requirements
- Preparing for a Microsoft exam
- Resources available to prepare for the exam
- Access to a subscription
- Where to take the exam
- Exam format
- Resources available and accessing Microsoft Learn
- Accessing Microsoft Learn
- Finding content on Microsoft Learn
- Exam pages on Microsoft Learn
- Creating a Microsoft 365 trial subscription
- Office 365 or Microsoft 365 trial subscription
- Azure AD Premium subscription
- Exam objectives
- Who should take the SC-300 exam?
- Summary
- Chapter 2: Defining Identity and Access Management
- Understanding IAM
- Identity
- Access
- Learning identity and access use cases
- Shopping websites
- Personal email accounts
- Social media accounts
- Company applications
- Understanding the scope of IAM
- Defining IAM
- Principle of least privilege
- The evolution of IAM
- Traditional
- Advanced
- Optimal
- Summary
- Section 2 - Implementing an Identity Management Solution
- Chapter 3: Implementing and Configuring Azure Active Directory
- Technical requirements
- Configuring and managing AAD roles
- Azure Active Directory tenant
- Azure Active Directory roles
- Planning and assigning roles
- Configuring and managing custom domains
- Adding and verifying a custom domain to set as the primary domain
- Custom domains and sub-domains
- Managing DNS and deleting a custom domain
- Configuring and managing device registration options
- Azure AD-registered devices
- Azure AD-joined devices
- Hybrid AD-joined devices
- Configuring tenant-wide settings
- Member and guest users
- Managing security defaults
- Summary.
- Chapter 4: Creating, Configuring, and Managing Identities
- Technical requirements
- Creating, configuring, and managing users
- Member users
- Guest and external users
- AD (hybrid) users
- Creating, configuring, and managing groups
- Microsoft 365 groups
- Security groups
- Specialty groups
- Dynamic groups
- Managing licenses
- License requirements
- License features
- Assigning licenses
- Summary
- Chapter 5: Implementing and Managing External Identities and Guests
- Technical requirements
- Managing external collaboration settings in Azure AD
- B2B
- B2C
- Configuring external collaboration settings
- Inviting external users individually and in bulk
- Inviting guest users
- Managing external user accounts in Azure AD
- Managing guest user licenses
- Password management
- Multi-factor authentication
- Configuring identity providers
- Google configuration
- Facebook configuration
- Summary
- Chapter 6: Implementing and Managing Hybrid Identities
- Technical requirements
- Implementing and managing Azure AD Connect
- Hybrid identity
- Azure AD
- Windows AD
- Azure AD Connect
- Implementing and managing seamless SSO
- Implementing and managing Azure AD Connect Health
- Troubleshooting sync errors
- Summary
- Section 3 - Implementing an Authentication and Access Management Solution
- Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)
- Technical requirements
- Planning an Azure MFA deployment
- What is MFA?
- How does Azure AD MFA work?
- What licenses include Azure AD MFA?
- Azure authentication methods
- Configuring Azure AD MFA
- Implementing and managing MFA settings
- Configuring and deploying SSPR
- Deploying and managing password protection
- Planning and implementing security defaults
- Summary.
- Chapter 8: Planning and Managing Passwordless Authentication Methods
- Technical requirements
- Administering authentication methods (FIDO2/passwordless)
- Modern authentication for identity and access management
- Implementing an authentication solution based on Windows Hello for Business
- Implementing an authentication solution with the Microsoft Authenticator app
- Summary
- Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection
- Technical requirements
- Planning and implementing Conditional Access policies and controls
- Zero-trust methodology
- Conditional Access policies
- Configuring Smart Lockout thresholds
- Implementing and managing a user risk policy
- Azure AD Identity Protection
- Monitoring, investigating, and remediating elevated risky users
- Summary
- Section 4 - Implementing Access Management for Applications
- Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)
- Technical requirements
- Designing and implementing access management and SSO for apps
- Discovering apps with Microsoft Cloud App Security
- Integrating on-premises apps using Azure AD Application Proxy
- Planning your line-of-business application registration strategy
- Implementing application registrations
- Planning and configuring multi-tier application permissions
- Summary
- Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps
- Technical requirements
- Planning your cloud application strategy
- Discovering apps with Microsoft Defender for Cloud Apps
- Implementing cloud app security policies
- Planning and configuring cloud application permissions
- Discovering apps by using MCAS or an ADFS app report
- Discovering apps with MCAS app report
- Discovering apps with an ADFS app report.
- Using Microsoft Defender for Cloud Apps to manage application access
- Discovered app scoring
- Sanctioning and unsanctioning apps
- Summary
- Section 5 - Planning and Implementing an Identity Governance Strategy
- Chapter 12: Planning and Implementing Entitlement Management
- Technical requirements
- Defining catalogs and access packages
- Catalogs
- Access packages
- Planning, implementing, and managing entitlements
- Planning entitlements
- Implementing entitlements
- Managing entitlements
- Implementing and managing terms of use
- Managing the life cycle of external users in Azure AD Identity Governance settings
- Access reviews
- Summary
- Chapter 13: Planning and Implementing Privileged Access and Access Reviews
- Technical requirements
- Defining a privileged access strategy for administrative users
- Configuring PIM for Azure AD roles and Azure resources
- Creating and managing break-glass accounts
- Planning for and automating access reviews
- Analyzing PIM audit history and reports
- Summary
- Section 6 - Monitoring and Maintaining Azure Active Directory
- Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users
- Technical requirements
- Analyzing and investigating sign-in logs to troubleshoot access issues
- Reviewing and monitoring Azure AD audit logs
- Analyzing Azure Active Directory workbooks and reporting
- Summary
- Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions
- Technical requirements
- Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel
- Exporting sign-in and audit logs to a third-party SIEM
- Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel
- Summary
- Chapter 16: Final Assessment/Mock Exam
- Index
- Other Books YouMay Enjoy.
