Denna kurs ger dig en övergripande insikt och förståelse för de mekanismer och utmaningar en organisation behöver hantera för att hålla en modern IT-miljö säker. Kursen introducerar tre grundpelare i försvaret mot attacker - Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA) och Privileged Identity Management (PIM).
Detta är den fjärde delkursen i Azure Integration and Security, en serie om fyra fortsättningskurser på en dag vardera som tillsammans täcker ett antal avancerade aspekter på en helt eller delvis Azure-baserad infrastruktur. Du kan välja att gå denna dag som en enskild kurs eller kombinera den med de övriga sammanhängande kurserna.
This course teaches IT Professionals to understand the challenges that organizations face in keeping modern IT environments secure, as the more distributed environments that are part of a cloud-first or hybrid world have rapidly created new security challenges for IT. The course focuses on three key areas in the defense against attackers who target security vulnerabilities, resulting particularly from credential theft and compromised identities: Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), and Azure Active Directory Privileged Identity Management (PIM). Students learn to implement two-step verification to secure the sign-in process, as well has how to use advanced features like trusted IPs and Fraud Alerts with MFA to customize their identity access strategy. Using Privileged Identity Management, students learn how to apply just the right amount of access rights for just the right amount of time to the various administrative roles as well as to resources.
This course is for Azure Administrators. Azure Administrators manage the cloud services that span storage, networking, and compute cloud capabilities, with a deep understanding of each service across the full IT lifecycle. They take end-user requests for new cloud applications and make recommendations on services to use for optimal performance and scale, as well as provision, size, monitor and adjust as appropriate. This role requires communicating and coordinating with vendors. Azure Administrators use the Azure Portal and as they become more proficient they use PowerShell and the Command Line Interface.
At course completion
After completing this course, students will be able to:
- Use Azure RBAC to grant a granular level of access based on an administrator’s assigned tasks.
- Use Azure Multi-Factor Authentication to configure a strong authentication for users at sign-in.
- User Azure AD Privileged Identity Management to configure access rights based on just-in-time administration.
Du behöver grundläggande kunskaper i hantering av en Azure-baserad infrastruktur, motsvarande vår utbildning Azure Infrastructure and Deployment (Länk MAZ-100T).
Introduction to Identity Protection in Azure
In this module, you’ll learn about Role-Based Access Control as the foundation to organizing and managing an organization’s administrative access based on the principle of least privilege. You will also review Azure Active Directory concepts, as well as gaining insight into the threat landscape and security risks that are exposed to IT organizations through breach of privileged access.
- Role-Based Access Control
- Azure Active Directory (Refresher)
- Protecting Privileged Access in the Environment
Using Multi-Factor Authentication for Secure Access
In this module, you’ll learn about securing the sign-in process through Multi-Factor Authentication (MFA). You’ll learn how MFA works and the differences in implementation between on-premises and cloud scenarios. You’ll also learn about using conditional access policies to provide more fine-grained control over apps and resources in your environment.
- Introducing Multi-Factor Authentication
- Implementing MFA
Azure AD Privileged Identity Management
In this module, you’ll learn how to use Azure Privileged Identity Management (PIM) to enable just-in-time administration and control the number of users who can perform privileged operations. You’ll also learn about the different directory roles available as well as newer functionality that includes PIM being expanded to role assignments at the resource level.
- Getting Started with PIM
- PIM Security Wizard
- PIM for Directory Roles
- PIM for Role Resources