Enviar pesquisa
Carregar
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
•
0 gostou
•
233 visualizações
F
FredBrandonAuthorMCP
Seguir
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 30
Recomendados
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security Solutions
FredBrandonAuthorMCP
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and Identity
FredBrandonAuthorMCP
SC-900 Capabilities of Microsoft Compliance Solutions
SC-900 Capabilities of Microsoft Compliance Solutions
FredBrandonAuthorMCP
SC-900 Intro
SC-900 Intro
FredBrandonAuthorMCP
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Vignesh Ganesan I Microsoft MVP
Azure Security Overview
Azure Security Overview
David J Rosenthal
Microsoft Azure Security Overview
Microsoft Azure Security Overview
Alert Logic
Azure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
Kasun Rajapakse
Recomendados
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security Solutions
FredBrandonAuthorMCP
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and Identity
FredBrandonAuthorMCP
SC-900 Capabilities of Microsoft Compliance Solutions
SC-900 Capabilities of Microsoft Compliance Solutions
FredBrandonAuthorMCP
SC-900 Intro
SC-900 Intro
FredBrandonAuthorMCP
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Vignesh Ganesan I Microsoft MVP
Azure Security Overview
Azure Security Overview
David J Rosenthal
Microsoft Azure Security Overview
Microsoft Azure Security Overview
Alert Logic
Azure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
Kasun Rajapakse
Microsoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
Govern your Azure environment through Azure Policy
Govern your Azure environment through Azure Policy
Microsoft Tech Community
Azure security and Compliance
Azure security and Compliance
Karina Matos
Microsoft Threat Protection
Microsoft Threat Protection
Thierry DEMAN
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture
Denise Bailey
Azure Security Overview
Azure Security Overview
Allen Brokken
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
Drew Madelung
Azure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
Best Practices in Cloud Security
Best Practices in Cloud Security
Alert Logic
Identity Security - Azure Identity Protection
Identity Security - Azure Identity Protection
Eng Teong Cheah
Microsoft Security Overview
Microsoft Security Overview
David J Rosenthal
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
Container Security Using Microsoft Defender
Container Security Using Microsoft Defender
Rahul Khengare
Working with MS Endpoint Manager
Working with MS Endpoint Manager
George Grammatikos
Microsoft Azure - Introduction
Microsoft Azure - Introduction
Pranav Ainavolu
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint
Cheah Eng Soon
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
carlitocabana
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
Vignesh Ganesan I Microsoft MVP
Azure-AD.pptx
Azure-AD.pptx
ssuser9dddf7
Confidential Computing in Azure - SlideShare Ed Dec 2022.pptx
Confidential Computing in Azure - SlideShare Ed Dec 2022.pptx
Carlo Sacchi
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
WinWire Technologies Inc
original.pdf
original.pdf
PranavUndre1
Mais conteúdo relacionado
Mais procurados
Microsoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
Govern your Azure environment through Azure Policy
Govern your Azure environment through Azure Policy
Microsoft Tech Community
Azure security and Compliance
Azure security and Compliance
Karina Matos
Microsoft Threat Protection
Microsoft Threat Protection
Thierry DEMAN
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture
Denise Bailey
Azure Security Overview
Azure Security Overview
Allen Brokken
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
Drew Madelung
Azure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
Best Practices in Cloud Security
Best Practices in Cloud Security
Alert Logic
Identity Security - Azure Identity Protection
Identity Security - Azure Identity Protection
Eng Teong Cheah
Microsoft Security Overview
Microsoft Security Overview
David J Rosenthal
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
Container Security Using Microsoft Defender
Container Security Using Microsoft Defender
Rahul Khengare
Working with MS Endpoint Manager
Working with MS Endpoint Manager
George Grammatikos
Microsoft Azure - Introduction
Microsoft Azure - Introduction
Pranav Ainavolu
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint
Cheah Eng Soon
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
carlitocabana
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
Vignesh Ganesan I Microsoft MVP
Azure-AD.pptx
Azure-AD.pptx
ssuser9dddf7
Confidential Computing in Azure - SlideShare Ed Dec 2022.pptx
Confidential Computing in Azure - SlideShare Ed Dec 2022.pptx
Carlo Sacchi
Mais procurados
(20)
Microsoft Zero Trust
Microsoft Zero Trust
Govern your Azure environment through Azure Policy
Govern your Azure environment through Azure Policy
Azure security and Compliance
Azure security and Compliance
Microsoft Threat Protection
Microsoft Threat Protection
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture
Azure Security Overview
Azure Security Overview
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
Azure Security Fundamentals
Azure Security Fundamentals
Best Practices in Cloud Security
Best Practices in Cloud Security
Identity Security - Azure Identity Protection
Identity Security - Azure Identity Protection
Microsoft Security Overview
Microsoft Security Overview
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
Container Security Using Microsoft Defender
Container Security Using Microsoft Defender
Working with MS Endpoint Manager
Working with MS Endpoint Manager
Microsoft Azure - Introduction
Microsoft Azure - Introduction
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
07 - Defend Against Threats with SIEM Plus XDR Workshop - Microsoft Sentinel ...
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
Azure-AD.pptx
Azure-AD.pptx
Confidential Computing in Azure - SlideShare Ed Dec 2022.pptx
Confidential Computing in Azure - SlideShare Ed Dec 2022.pptx
Semelhante a SC-900 Capabilities of Microsoft Identity and Access Management Solutions
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
WinWire Technologies Inc
original.pdf
original.pdf
PranavUndre1
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
uberbaum
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
Girish Kalamati
2018 November - AZUGDK - Azure AD
2018 November - AZUGDK - Azure AD
Peter Selch Dahl
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
Joonas Westlin
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
Kumton Suttiraksiri
Securing your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
Vignesh Ganesan I Microsoft MVP
EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0
Huy Pham
Dev Dives: Master advanced authentication and performance in Productivity Act...
Dev Dives: Master advanced authentication and performance in Productivity Act...
UiPathCommunity
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
CoLaboraDK
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
Peter Selch Dahl
Identity Security - Azure Active Directory
Identity Security - Azure Active Directory
Eng Teong Cheah
Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
Identity and Security in the Cloud
Identity and Security in the Cloud
Richard Diver
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
Peter Selch Dahl
Active Directory Proposal
Active Directory Proposal
MJ Ferdous
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information Protection
Kesavan Munuswamy
AbedElilahElmahmoumP1.pptx
AbedElilahElmahmoumP1.pptx
AbedElElahElMHMOOM
The user s identities
The user s identities
Giuliano Latini
Semelhante a SC-900 Capabilities of Microsoft Identity and Access Management Solutions
(20)
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
original.pdf
original.pdf
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
2018 November - AZUGDK - Azure AD
2018 November - AZUGDK - Azure AD
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
Securing your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
EMS-HPT Template-v.1.0
EMS-HPT Template-v.1.0
Dev Dives: Master advanced authentication and performance in Productivity Act...
Dev Dives: Master advanced authentication and performance in Productivity Act...
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
Managing enterprise applications, permissions, and consent in Azure Active Di...
Identity Security - Azure Active Directory
Identity Security - Azure Active Directory
Zero trust deck 2020
Zero trust deck 2020
Identity and Security in the Cloud
Identity and Security in the Cloud
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
Active Directory Proposal
Active Directory Proposal
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information Protection
AbedElilahElmahmoumP1.pptx
AbedElilahElmahmoumP1.pptx
The user s identities
The user s identities
Mais de FredBrandonAuthorMCP
Savings, Expenses, and Budgeting.pptx
Savings, Expenses, and Budgeting.pptx
FredBrandonAuthorMCP
Investing and Personal Financial Planning.pptx
Investing and Personal Financial Planning.pptx
FredBrandonAuthorMCP
Exploring Blockchain in the Enterprise
Exploring Blockchain in the Enterprise
FredBrandonAuthorMCP
Business Automation - Intro to the Power Platform
Business Automation - Intro to the Power Platform
FredBrandonAuthorMCP
Automating Business Process with PowerApps and Power BI
Automating Business Process with PowerApps and Power BI
FredBrandonAuthorMCP
Automation for Small Business using the Power Platform
Automation for Small Business using the Power Platform
FredBrandonAuthorMCP
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
FredBrandonAuthorMCP
Mais de FredBrandonAuthorMCP
(7)
Savings, Expenses, and Budgeting.pptx
Savings, Expenses, and Budgeting.pptx
Investing and Personal Financial Planning.pptx
Investing and Personal Financial Planning.pptx
Exploring Blockchain in the Enterprise
Exploring Blockchain in the Enterprise
Business Automation - Intro to the Power Platform
Business Automation - Intro to the Power Platform
Automating Business Process with PowerApps and Power BI
Automating Business Process with PowerApps and Power BI
Automation for Small Business using the Power Platform
Automation for Small Business using the Power Platform
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Último
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Katpro Technologies
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
wesley chun
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
Último
(20)
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
1.
© Copyright Microsoft
Corporation. All rights reserved. SC-900T00-A Module 2: Describe the Capabilities of Microsoft Identity and Access Management Solutions
2.
© Copyright Microsoft
Corporation. All rights reserved. Module Agenda Explore the services and identity types of Azure Active Directory Explore the authentication capabilities of Azure Active Directory Explore the access management capabilities of Azure Active Directory Describe identity protection governance capabilities of Azure Active Directory
3.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 1: Explore the services and identity types in Azure Active Directory
4.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 1 Introduction After completing this module, you’ll be able to: • Describe what is Azure AD • Describe the identity types that Azure AD supports
5.
© Copyright Microsoft
Corporation. All rights reserved. Azure Active Directory Azure AD is Microsoft’s cloud-based identity and access management service. Capabilities of Azure AD include: • Organizations can enable their employees, guests, and others to sign in and access the resources they need. • Provide a single identity system for their cloud and on- premises applications. • Protect user identities and credentials and to meet an organization’s access governance requirements. • Each Microsoft 365, Office 365, Azure, and Dynamics 365 Online subscription automatically use an Azure AD tenant.
6.
© Copyright Microsoft
Corporation. All rights reserved. Azure AD identity types Azure AD manages different types of identities: users, service principals, managed identities, and devices. User – Generally speaking, a user is a representation of an individual’s identity that's managed by Azure AD. Employees and guests are represented as users in Azure AD. Device - A piece of hardware, such as mobile devices, laptops, servers, or printer. Device identities can be set up in different ways in Azure AD, to determine properties such as who owns the device. Service principal - You can think of it as an identity for an application. A service principal is created in every tenant the application is used & defines who can access the app, what resources the app can access, and more. Managed identity – A type of service principal, a managed identity provides an identity for applications to use when connecting to resources that support Azure AD authentication.
7.
© Copyright Microsoft
Corporation. All rights reserved. Demo Azure Active Directory user settings
8.
© Copyright Microsoft
Corporation. All rights reserved. External identities in Azure AD Two different Azure AD External Identities: B2B collaboration B2B collaboration allows you to share your apps and resources with external users B2C access management B2C is an identity management solution for consumer and customer facing apps
9.
© Copyright Microsoft
Corporation. All rights reserved. The concept of hybrid identities Hybrid identities Hybrid identity model • With the hybrid model, users accessing both on-premises and cloud apps are hybrid users managed in the on-premises Active Directory. • When you make an update in your on- premises AD DS, all updates to user accounts, groups, and contacts are synchronized to your Azure AD with Azure AD Connect
10.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 2: Explore the authentication capabilities of Azure Active Directory
11.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 2 Introduction After completing this module, you’ll be able to: • Describe the secure authentication methods of Azure AD • Describe the password protection and management capabilities of Azure AD
12.
© Copyright Microsoft
Corporation. All rights reserved. Authentication methods of Azure AD Multifactor authentication (MFA) & Security Defaults MFA requires more than one form of verification: • Something you know • Something you have • Something you are Security defaults: • A set of basic identity security mechanisms recommended by Microsoft. • A great option for organizations that want to increase their security posture but don’t know where to start, or for organizations using the free tier of Azure AD licensing.
13.
© Copyright Microsoft
Corporation. All rights reserved. Multi-factor authentication (MFA) in Azure AD Different authentication methods that can be used with MFA Passwords Password & additional verification • Phone (voice or SMS) • Microsoft Authenticator • Open Authentication (OATH) with software or hardware tokens Passwordless • Biometrics (Windows Hello) • Microsoft Authenticator • FIDO2
14.
© Copyright Microsoft
Corporation. All rights reserved. Windows Hello for Business Windows Hello lets users authenticate to: • A Microsoft account • An Active Directory account • An Azure Active Directory (Azure AD) account • Identity Provider Services or Relying Party Services that support Fast ID Online v2.0 authentication Why is Windows Hello safer than a password? Because it's tied to the specific device on which it was set up. Without the hardware, the PIN is useless
15.
© Copyright Microsoft
Corporation. All rights reserved. Self-service password reset (SSPR) in Azure AD Benefits of Self-service password reset: • It increases security. • It saves the organization money by reducing the number of calls and requests to help desk staff. • It increases productivity, allowing the user to return to work faster. Self-service password reset works in the following scenarios: • Password change • Password reset • Account unlock Authentication method of SSPR: • Mobile app notification • Mobile app code • Email
16.
© Copyright Microsoft
Corporation. All rights reserved. Demo Azure Active Directory self-service password reset (SSPR)
17.
© Copyright Microsoft
Corporation. All rights reserved. Password protection & management capabilities in Azure AD Global banned password list Custom banned password lists Protecting against password spray Hybrid security
18.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 3: Explore the access management capabilities of Azure Active Directory
19.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 3 Introduction After this module, you’ll be able to:
20.
© Copyright Microsoft
Corporation. All rights reserved. Conditional access Conditional Access signals: • User or group membership • Named location information • Device • Application • Real-time sign-in risk detection • Cloud apps or actions • User risk Access controls: • Block access • Grant access • Require one or more conditions to be met before granting access • Control user access based on session controls to enable limited experiences within specific cloud applications
21.
© Copyright Microsoft
Corporation. All rights reserved. Demo Azure Active Directory Conditional Access
22.
© Copyright Microsoft
Corporation. All rights reserved. Azure AD role-based access control (RBAC) Azure AD roles control permissions to manage Azure AD resources. Built-in roles Custom roles Azure AD role-based access control Only grant the access users need
23.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 4: Describe the identity protection and governance capabilities of Azure Active Directory
24.
© Copyright Microsoft
Corporation. All rights reserved. Lesson 4 Introduction
25.
© Copyright Microsoft
Corporation. All rights reserved. Identity governance in Azure AD The tasks of Azure AD identity governance • Govern the identity lifecycle. • Govern access lifecycle. • Secure privileged access for administration. Identity lifecycle • Join: A new digital identity is created. • Move: Update access authorizations. • Leave: Access may need to be removed.
26.
© Copyright Microsoft
Corporation. All rights reserved. Entitlement management and access reviews Entitlement management • It is an identity governance feature that enables organizations to manage identity and access lifecycle at scale. • It automates access request workflows, access assignments, reviews, and expiration. Access reviews • Enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignment. • Ensure that only the right people have access to resources • Used to review and manage access for both users and guests Terms of use • Allow information to be presented to users, before they access data or an application. • Ensure users read relevant disclaimers for legal or compliance requirements.
27.
© Copyright Microsoft
Corporation. All rights reserved. Privileged Identity Management (PIM) PIM enables you to manage, control, and monitor access to important resources in your organization. Just in time, providing privileged access only when needed, and not before. Time-bound, by assigning start and end dates that indicate when a user can access resources. Approval-based, requiring specific approval to activate privileges. Visible, sending notifications when privileged roles are activated. Auditable, allowing a full access history to be downloaded.
28.
© Copyright Microsoft
Corporation. All rights reserved. Azure Identity Protection Enables organizations to accomplish three key tasks: • Automate the detection and remediation of identity-based risks. • Investigate risks using data in the portal. • Export risk detection data to third-party utilities for further analysis. It can categorize and calculate risk: • Categorize risk into three tiers: low, medium, and high. • Calculate the sign-in risk, and user identity risk. It provides organizations with three reports: • Risky users • Risky sign-ins • Risk detections
29.
© Copyright Microsoft
Corporation. All rights reserved. Module Summary Azure AD and services and identity types Azure AD supports • Explore the authentication capabilities of Azure AD, including MFA • Explore the access management capabilities of Azure AD with Conditional Access and Azure AD RBAC • Describe identity protection and governance capabilities of Azure AD, including PIM, entitlement management, and access reviews.
30.
© Copyright Microsoft
Corporation. All rights reserved.