Configuring Identity and Access in Microsoft Azure

Paths

Configuring Identity and Access in Microsoft Azure

Authors: Tim Warner, Neil Morrissey

Identity and Access Management is usually one of the first topics you think of when someone mentions security in the cloud. Microsoft Azure Cloud Platform, like any other cloud... Read more

What you will learn:

  • Active Directory
  • Multi-factor Authentication
  • Microsoft Azure Subscriptions

Pre-requisites

This is a beginner path with no prerequisites.

Beginner

The courses in this section will teach you the fundamentals for Identity and Access Management on Microsoft Azure, including configuring PIM, monitoring PIM, and performing reviews of PIM. These topics are the perfect foundation for you to move to the intermediate level.

Configuring Microsoft Azure Active Directory Privileged Identity Management

by Tim Warner

Jun 21, 2019 / 1h 31m

1h 31m

Start Course
Description

Which accounts have high-privilege access to your Azure AD tenant and trusting subscriptions? How easily can you report and remediate this issue? In this course, Configuring Microsoft Azure Active Directory Privileged Identity Management, you will learn how to use this tool to quickly identify high-privilege role holders and assign time-limited on-demand administrative access. First, you will gain an understanding of how to use Azure AD PIM to manage and report on both Azure AD and Azure resource roles. Next, you will discover the "hows and whys" of access reviews. Finally, you will explore how to audit the entire process to ensure security compliance. When you are finished with this course, you will have the skills and knowledge to enforce least-privilege access in your Azure environment, which greatly increases your organizational security posture in Azure.

Table of contents
  1. Course Overview
  2. Activate and Configure Azure AD PIM
  3. Implement and Monitor Azure AD PIM Privileged Access
  4. Organize and Perform Azure AD PIM Access Reviews

Intermediate

These intermediate courses will take you through some of the more intricate elements within Identity and Access Management on Microsoft Azure, including implementing MFA and configuring Microsoft AD for Microsoft Azure Workloads. Once you fully comprehend the topics in this area, you’ll be ready to move on to the advanced courses.

Implementing and Managing Microsoft Azure Multi-factor Authentication

by Neil Morrissey

Jun 28, 2019 / 5h 3m

5h 3m

Start Course
Description

Username and password authentication is susceptible to many forms of attack, and multi-factor authentication offers a way to mitigate this threat. Azure multi-factor authentication is a global service that allows you to add a second factor of authentication to your on-premises and cloud based systems using a hardware device already in the hands of your users and customers - their mobile phone. In this course, Implementing and Managing Microsoft Azure Multi-factor Authentication, you'll learn how to configure Azure MFA in the cloud and on-premises. First, you'll discover the self-service options available to users and business administrators, and how to integrate Azure MFA with a variety of technologies and applications. Next, you'll explore the configuration options to integrate Azure MFA with your existing systems. Finally, you'll see how to protect cloud-based applications with MFA and Conditional Access Policies. By the end of this course, you'll know how to deploy, configure, and monitor Azure MFA, in the cloud and on-premises.

Table of contents
  1. Course Overview
  2. Understanding Azure Multi-factor Authentication
  3. Configuring Azure MFA in the Cloud
  4. Implementing Azure MFA Server On-premises
  5. Integrating Azure MFA with On-premises Systems
  6. The MFA User Portal for Self-service and Administration
  7. Configuring the Microsoft Authenticator and OATH Clients
  8. Protecting Cloud-based Applications
  9. Monitoring and Reporting with Azure MFA

Configuring Azure Active Directory for Microsoft Azure Workloads

by Tim Warner

Jun 20, 2019 / 2h 54m

2h 54m

Start Course
Description

You are a Microsoft Azure security engineer tasked with managing Azure Active Directory. In this course, Configuring Azure Active Directory for Microsoft Azure Workloads, you learn how to secure Azure AD for use as an identity store for your Azure-based cloud applications. First, you will discover how to create and configure Azure AD user and group accounts. Next, you will learn how to configure authentication methods, including deploying a hybrid cloud with Azure AD Connect. Finally, you will explore how to create and manage Azure AD application registrations. When you are finished with this course, you will have the skills and knowledge needed to provide security oversight of Azure AD.

Table of contents
  1. Course Overview
  2. Administering Azure AD Users and Groups
  3. Managing Azure AD Directory Roles
  4. Configuring Authentication Methods in Azure AD
  5. Installing and Configuring Azure AD Connect
  6. Creating Application Registrations in Azure AD

Advanced

In this section, you’ll get the opportunity to explore the more complicated areas in Identity and Access Management on Microsoft Azure. For example, you’ll learn about resource permission, RBAC roles, external accounts, and API Access.

Securing Microsoft Azure Subscriptions

by Tim Warner

Jun 6, 2019 / 2h 24m

2h 24m

Start Course
Description

At the core of Azure subscription security is a thorough knowledge of least-privilege authorization. In this course, Securing Microsoft Azure Subscriptions, you will learn how to protect your Azure AD tenants and the subscriptions that trust them. First, you will touch on how to implement role-based access control for your Azure resources and Azure AD tenant. Next, you will explore how to identify and manage high-privilege external accounts in Azure AD. Finally, you will discover how to protect application programming interface (API) access to Azure AD and, by extension, to your cloud apps. When you are finished with this course, you will have a foundational knowledge of Azure subscription security that will help you as you move forward in your Azure security engineer career. Software required: Microsoft Azure subscription.

Table of contents
  1. Course Overview
  2. Configuring Microsoft Azure Subscription and Resource Permissions
  3. Creating Custom RBAC Roles in Microsoft Azure
  4. Identifying High-privilege External Accounts in Microsoft Azure
  5. Transferring Microsoft Azure Subscriptions between Azure AD Tenants
  6. Managing API Access to Microsoft Azure Subscriptions and Resources