Reviews
Target Audience
Course Overview
Course Requirements
Course Syllabus
See All    Download exam skill outline
-
Module 1: Implement an identity management solution

In this module, you ll learn to deploy and configure your initial Microsoft Entra ID (formerly Azure Active Directory) tenant. You will set up user and group structures, integrate external collaborators securely, and establish hybrid identity synchronization for unified identity management across cloud and on-premises environments.


Lessons

  • Implement initial configuration of Microsoft Entra ID

  • Create, configure, and manage user and group identities

  • Implement and manage external identities for secure collaboration

  • Implement and manage hybrid identity solutions (e.g., synchronization, seamless SSO)

Lab

  • Managing user roles and tenant-wide settings

  • Assigning and modifying licenses for users and groups

  • Restoring or removing deleted users

  • Adding and configuring dynamic groups, external collaboration settings, and guest user management


After completing this module, students will be able to:

  • Deploy an initail Azure AD with custom settings
  • Manage both internal and external identities
  • Implement a hybrid identity solution
-
Module 2: Implement an authentication and access management solution

In this module, you ll implement and manage robust access control using Microsoft Entra ID. You ll configure multifactor authentication (MFA), set up conditional access policies, deploy identity protection mechanisms, and ensure secure authentication flows to safeguard your enterprise environment.


Lessons

  • Secure Microsoft Entra users with multifactor authentication

  • Manage user authentication methods and settings

  • Plan, implement, and administer conditional access policies

  • Manage identity protection features in Microsoft Entra ID

  • (Additionally) Implement access management for Azure resources

  • (Additionally) Deploy and configure Microsoft’s Global Secure Access solutions

Lab

  • Enable and configure Azure AD MFA

  • Set up and deploy self-service password reset (SSPR)

  • Work with security defaults and baseline security settings

  • Implement conditional access policies, control session lifetimes, and role assignments

  • Configure authentication session controls and smart lockout values

  • Enable sign-in risk policies and MFA registration policies

  • (Extended) Use Azure Key Vault for managed identities


After completing this module, students will be able to:

  • Configure and manage secure authentication mechanisms, including MFA and user sign-in controls

  • Enforce resource access control through finely-tuned conditional access policies

  • Use Microsoft Entra Identity Protection to monitor, detect, and respond to identity risks

-
Module 3: Implement access management for Apps

Explore how applications can and should be added to your identity and access solution with application registration in Azure AD.

Lessons

  • Plan and design the integration of enterprise for SSO
  • Implement and monitor the integration of enterprise apps for SSO
  • Implement app registration
Lab

  • Creating custom roles to manage application registrations

  • Registering a new application in Microsoft Entra ID

  • Granting tenant-wide admin consent to an application

  • Defining app roles and verifying token issuance for role-based access

After completing this module, students will be able to:

  • Register new applications in Microsoft Entra ID and configure their authentication contexts

  • Plan, implement, and monitor SSO across enterprise applications, ensuring streamlined user access

  • Manage application permissions effectively, including role assignments and consent settings

-
Module 4: Plan and implement an identity governancy strategy

In this module, you ll design and implement a comprehensive identity governance framework using Microsoft Entra ID. You ll learn to automate access through entitlement management, conduct periodic access reviews, implement privileged access controls via PIM, and monitor the health of your identity environment through diagnostics and log analysis.

Lessons

  • Plan and implement entitlement management to automate access provisioning

  • Plan, implement, and manage access reviews for ongoing compliance

  • Plan and implement privileged access using Privileged Identity Management (PIM)

  • Monitor and maintain Microsoft Entra ID using audit and diagnostic logs

Lab

  • Create and manage a resource catalog with Entra ID entitlement management

  • Add terms of use and generate acceptance reports

  • Manage external user lifecycle via identity governance settings

  • Create access reviews for both groups and applications

  • Configure PIM to govern Azure AD roles and Azure resource roles

  • Connect Entra ID identity logs to Azure Sentinel for monitoring

After completing this module, students will be able to:

  • Manage and maintain identity lifecycle, governance processes, and directory configurations

  • Utilize entitlement management to streamline access requests and approvals

  • Use access reviews to enforce least privilege and maintain secure access controls

  • Implement privileged access workflows with PIM to enhance role security and auditability

  • Monitor directory health and activity through integration with Sentinel analytics