Learn to create and manage your initial Azure Active Directory (Azure AD) implementation and configure the users, groups, and external identities you will use to run your solution.

Lessons

• Implement Initial configuration of Azure AD
• Create, configure, and manage identities
• Implement and manage external identities
• Implement and manage hybrid identity

Lab : Manage user roles

Lab : Setting tenant-wide properties

Lab : Assign licenses to users

Lab : Restore or remove deleted users

Lab : Add groups in Azure AD

Lab : Change group license assignments

Lab : Change user license assignments

Lab : Configure external collaboration

Lab : Add guest users to the directory

Lab : Explore dynamic groups

After completing this module, students will be able to:

• Deploy an initail Azure AD with custom settings
• Manage both internal and external identities
• Implement a hybrid identity solution

Implement and administer your access management using Azure AD. Use MFA, conditional access, and identity protection to manager your identity solution.

Lessons

• Secure Azure AD user with MFA
• Manage user authentication
• Plan, implement, and administer conditional access
• Manage Azure AD identity protection

Lab : Enable Azure AD MFA

Lab : Configure and deploy self-service password reset (SSPR)

Lab : Work with security defaults

Lab : Implement conditional access policies, roles, and assignments

Lab : Configure authentication session controls

Lab : Manage Azure AD smart lockout values

Lab : Enable sign-in risk policy

Lab : Configure Azure AD MFA authentication registration policy

After completing this module, students will be able to:

• Configure and manage user authentication including MFA
• Control access to resources using conditional access
• Use Azure AD Identity Protection to protect your organization

Explore how applications can and should be added to your identity and access solution with application registration in Azure AD.

Lessons

• Plan and design the integration of enterprise for SSO
• Implement and monitor the integration of enterprise apps for SSO
• Implement app registration

Lab : Implement access management for apps

Lab : Create a custom role to management app registration

Lab : Register an application

Lab : Grant tenant-wide admin consent to an application

Lab : Add app roles to applications and recieve tokens

After completing this module, students will be able to:

• Register a new application to your Azure AD
• Plan and implement SSO for enterprise application
• Monitor and maintain enterprise applications

Design and implement identity governance for your identity solution using entitlement, access reviews, privileged access, and monitoring your Azure Active Directory (Azure AD).

Lessons

• Plan and implement entitlement management
• Plan, implement, and manage access reviews
• Plan and implement privileged access
• Monitor and maintain Azure AD

Lab : Creat and manage a resource catalog with Azure AD entitlement

Lab : Add terms of use acceptance report

Lab : Manage the lifecycle of external users with Azure AD identity governance

Lab : Create access reviews for groups and apps

Lab : Configure PIM for Azure AD roles

Lab : Assign Azure AD role in PIM

Lab : Assign Azure resource roles in PIM

Lab : Connect data from Azure AD to Azure Sentinel

After completing this module, students will be able to:

• Mange and maintain Azure AD from creation to solution
• Use access reviews to maintain your Azure AD
• Grant access to users with entitlement management