Architecting Azure Solutions (70-534): Secure Resources

In this course, we will address the Secure Resources objective of the Architecting Microsoft Azure Solutions (70-534) exam.
Course info
Rating
(51)
Level
Intermediate
Updated
Jan 6, 2016
Duration
3h 0m
Table of contents
Introduction to the Secure Resources Objective Domain
Comparing On-premises Active Directory and Azure Active Directory
Accessing Azure AD Using Graph API
Securing Access to Resources from Azure AD Applications Using OAuth and Open ID Connect
DirSync and Azure AD Connect
Securing Azure Resources Using Federated Identities
Securing Azure Resources Using Identity Providers
Azure Data Security Solutions
Azure Role Based Access Control
Description
Course info
Rating
(51)
Level
Intermediate
Updated
Jan 6, 2016
Duration
3h 0m
Description

In this course, we will cover the Secure Resources objective of the Architecting Microsoft Azure Solutions exam. This course addresses integrating Azure AD with AD FS, Social Identity Providers, Managed Identities, Azure Key Vault, Azure Disk Encryption, Azure RBAC, Azure AD Graph API and accessing Azure using OAuth and OpenID Connect.

About the author
About the author

Orin Thomas is an MVP, a Microsoft Regional Director, an MCT, and has a string of Microsoft MCSE and MCITP certifications.

More from the author
More courses by Orin Thomas
Section Introduction Transcripts
Section Introduction Transcripts

Comparing On-premises Active Directory and Azure Active Directory
Hello, and welcome to Pluralsight. My name's Orin Thomas and this is the Comparing On-Premises Active Directory and Azure Active Directory module of my secure resources course for Pluralsight. This course addresses secure resources domain of the 70-534 Architecting Microsoft Azure Solutions exam. This particular module deals with the objective, secure resources by using managed identities, which includes the objective point compare On-Premises Active Directory and Azure Active Directory. So in this module, we'll look at On-Premises Active Directory and we'll look at Azure Active Directory. Let's get into it.

Accessing Azure AD Using Graph API
Hello, and welcome to Pluralsight! My name's Orin Thomas and this is the Accessing Azure Active Directory Using Graph API module of my secure resources course. This particular module deals with the secure resources by using managed identities objective of the secure resources objective domain, which is what this course is all about. Of the 70-534 Architecting Microsoft Azure Solutions exam, which is what this series of courses is about. Now, remember my warning. I give you this at the start of each module: Remember that Azure is a moving target. Everything I'm telling you now is correct for the time at which I am recording this course. I'll update the course as necessary, but remember that Azure is always evolving, so of course as part of your exam preparation for 70-534 Exam, you need to do a little more than just watch this course, you'll also need to play with it in Azure yourself as well as read accompanying documentation. Anyway, in this module I'll look at Azure AD Graph API, I'll look at API requests, I'll talk a little bit about authentication and authorization, and I'll talk about endpoint addressing. Let's get into it!

Securing Access to Resources from Azure AD Applications Using OAuth and Open ID Connect
Good day and welcome to Pluralsight. My name is Orin Thomas and in this module we're going to be looking at securing access to resources from Azure AD applications using OAuth and Open ID Connect. So, this particular module deals with part of the secure resource by using managed identities objective of the secure resources objective domain, which is what this entire course is about of the 70-534: Architecting Microsoft Azure Solutions exam, which is what this set of courses deals with. As I warn you at the start of every module, remember that Azure is a moving target. What I'm telling you now is relevant and correct for now. It may change in future and as someone who's studying for this exam, it's up to you to be up to date with what's going on in the world of Azure. Remember, you need more than just this course to actually pass this exam. You need to be able to go and do all of this stuff in Azure itself. Anyway, in this fairly short module, we're going to be looking at OAuth and we're going to be looking at OpenID Connect. Let's get in to it.

DirSync and Azure AD Connect
Hello and welcome to Pluralsight. My name is Orin Thomas and in this module we're going to look at DirSync and Azure AD Connect. So this module deals with the secure resources by using hybrid identities objective which is part of the secure resources objective domain of the 70-534 Architecting Microsoft Azure Solutions exam. And, of course, this module is just one of many that deals with the whole secure resources objective which is what this course deals with and this series of courses the 70-534 Architecting Microsoft Azure Solutions exam. Now right off the bat it's important to say that we're really going to be covering Azure AD Connect in this module. I'll talk about DirSync for a little bit but DirSync is actually deprecated, that's not the tool that you would be using going forward. And that gets me on to my next point, remember Azure is a moving target. The technologies that are mentioned in this course are relevant for the time at which this course was recorded. It's possible that new technologies have come out. Now, my assumption here is now that we're sort of settled on Azure AD Connect and we've had a couple of tools recently we'll probably settle on Azure AD Connect for at least the next few years. So I'd be really surprised if it changed. Anyway, in this module will talk about directory synchronization, we'll talk about DirSync and other retired tools, and then finally we're going to get into the meat and potatoes of Azure AD Connect. Let's get into it.

Securing Azure Resources Using Federated Identities
Good day and welcome to Pluralsight. My name's Orin Thomas and in this module we're looking at securing Azure resources using Federated Identities. This module deals with the secure resources by using hybrid identities objective of the Secure Resources Objective Domain. And, of course, as you know by now, this entire course deals with the Secure Resources Objective Domain. And this set of courses deals with the 70-534: Architecting Microsoft Azure Solutions exam. Now, as I remind you in all of these modules, remember that Azure is a moving target. A lot of these technologies are moving very quickly, so what I'm telling you is accurate for the time at which I'm recording it. But, as part of your exam preparation, you know that you need to actually do this in the real world against Azure itself, rather than just watching this on a video that I've put together for Pluralsight. Anyway, in this module we're going to look at Azure Access Control Services. And we're going to talk about AD FS Federation with Azure AD Connect. Let's get into it.

Securing Azure Resources Using Identity Providers
Good day, and welcome to Pluralsight. My name's Orin Thomas, and in this module, we're going to look at Securing Azure Resources Using Identity Providers. So, this specific module looks at the secure resources by using identity providers' objective of the secure resources objective domain. Of course, as you know by now, all of the modules in this course deal with the secure resources objective domain. This objective domain is one of many in the 70-534: Architecting Microsoft Azure Solutions exam. So there's a bunch of courses, this is the second one, that deal with this exam, and this second one deals with secure resources objective domain. Other courses deal, of course, with other objective domains. Anyway, here's my standard warning: Remember that Azure is a moving target, especially in this module; I'm talking about a feature that, at the time I'm recording it, is actually in preview, so it might be a little different by the time that you're actually playing with it. And that's something else I want to get across to you: remember that just watching this course isn't going to be enough for you to prepare for this exam. You need to actually go out and do this stuff in Azure, and you also need to dive deeper by yourself into the technical documentation. Anyway, in this module, we're going to look at Azure B2C, and we're going to look at Adding social identity providers to Azure. Let's get into it.

Azure Data Security Solutions
Hello and welcome to Pluralsight. My name's Orin Thomas, and in this module, we're going to talk about Azure Data Security Solutions. This module deals with the identify an appropriate data security solution objective of the secure resources objective demand, which is what this entire course deals with of the 70-534 Architecting Microsoft Azure Solutions exam which is what this set of courses deals with. As I say at the start of every module, remember that Azure is a moving target, especially considering some of the technologies I cover in this module, really only sort of came out of preview around the time that I'm recording the module. So, the way that you do things, for example, some of the stuff you can't do in the portal, just when I'm recording this, may be fully available in the portal by the time you're actually watching this course. So, as I always say, this course isn't going to tell you everything about the exam. Your exam preparation involves you reading a lot of documentation that you may be led to from listening to this course. It also involves you actually going out and playing with your own or your organization's, hopefully your own Azure subscription and actually doing these things in the real world. So, in this module, we're going to look at Azure Key Vault. We're going to talk about Azure disk encryption. We're going to talk about Azure client side encryption. We're going to talk about SQL encryption. We'll briefly touch on AD RMS, and I'll remind you about Access Control Lists. Let's get into it.

Azure Role Based Access Control
Hello and welcome to Pluralsight. My name is Orin Thomas and in this module we'll be looking at Azure Role Based Access Control. Now this module deals with part of the design a role-based access control strategy objective of the secure resources objective domain. Of course all modules in this course deal with the secure resources objective domain. And that objective domain is part of the 70-534 Architecting Microsoft Azure Solutions exam. Now, as I said, in every module remember that Azure is a moving target. Everything that I'm telling you is correct at the time I'm recording this but Azure is always changing. There's always new features and there's always new functionality. So what you should also do as part of your study for the 70-534 exam is make sure you've actually gone and used Azure to do the sort of stuff that we're doing in this module. Best way to know something is to be able to actually go and do it. Also check out TechNet information or the Azure documentation. Check out Ignite sessions. Check out as much information as you can get. You should always when you're studying for an exam, check out as much information as you can so you get a very holistic view of what's going on with those exam objectives. Anyway, in this module we'll look at RBAC which is basically the acronym for Role Based Access Control. We'll look at resource scopes, we'll look at the built-in roles and we'll look at assigning and removing roles from security principles. Let's get into it.