MS-500 part 1 - Implement and manage identity and access

At the end of this module, you will be able to:

• Create, configure, and manage users
• Create, configure, and manage groups
• Manage licenses

By the end of this module, you'll be able to:

• Describe the Microsoft 365 authentication and provisioning options
• Explain directory synchronization
• Explain how Azure AD Connect enables coexistence between your on-premises Active Directory environment and Microsoft 365

By the end of this module you will be able to:

• Plan, design, and implement Azure Active Directory Connect (AADC)
• Manage Azure Active Directory Connect (AADC)
• Manage password hash synchronization (PHS)
• Manage pass-through authentication (PTA)
• Manage seamless single sign-on (Seamless SSO)
• Manage federation excluding manual ADFS deployments
• Troubleshoot synchronization errors
• Implement and manage Azure Active Directory Connect Health

By the end of this module, you will be able to:

• Manage external collaboration settings in Azure Active Directory
• Invite external users (individually or in bulk)
• Manage external user accounts in Azure Active Directory
• Configure identity providers (social and SAML/WS-fed)

By the end of this module, you will be able to:

• Manage user passwords
• Describe pass-through authentication
• Enable multifactor authentication
• Describe self-service password management
• Implement Azure AD Smart Lockout
• Create and perform an access review

By the end of this module, you will be able to:

• Administer authentication methods (FIDO2 / Passwordless)
• Implement an authentication solution based on Windows Hello for Business
• Configure and deploy self-service password reset
• Deploy and manage password protection
• Implement and manage tenant restrictions

By the end of this module, you will be able to:

• Plan and implement security defaults.
• Plan Conditional Access policies.
• Implement Conditional Access policy controls and assignments (targeting, applications, and conditions).
• Test and troubleshoot Conditional Access policies.
• Implement application controls.
• Implement session management.
• Configure smart lockout thresholds.

By the end of this module, you will be able to:

• Define a privileged access strategy for administrative users (resources, roles, approvals, and thresholds)
• Configure Privileged Identity Management for Azure AD roles
• Configure Privileged Identity Management for Azure resources
• Assign roles
• Manage PIM requests
• Analyze PIM audit history and reports
• Create and manage emergency access accounts

By the end of this module, you will be able to:

• Define catalogs.
• Define access packages.
• Plan, implement and manage entitlements.
• Implement and manage terms of use.
• Manage the lifecycle of external users in Azure AD Identity Governance settings.

By the end of this module you will be able to:

• Implement and manage a user risk policy
• Implement and manage sign-in risk policies
• Implement and manage MFA registration policy
• Monitor, investigate, and remediate elevated risky users

• Introduction
• Create, configure, and manage users
• Exercise - assign licenses to users
• Exercise - restore or remove deleted users
• Create, configure, and manage groups
• Exercise - add groups in Azure Active Directory
• Manage licenses
• Exercise - change group license assignments
• Exercise - change user license assignments
• Knowledge check
• Summary and resources

• Introduction
• Examine authentication options in Microsoft 365
• Examine provisioning options in Microsoft 365
• Explore directory synchronization
• Explore Azure AD Connect
• Knowledge check
• Summary

• Introduction
• Plan, design, and implement Azure Active Directory Connect
• Implement manage password hash synchronization (PHS)
• Implement manage pass-through authentication (PTA)
• Demo - Manage pass-through authentication and seamless single sign-on
• Implement and manage federation
• Trouble-shoot synchronization errors
• Implement Azure Active Directory Connect Health
• Manage Azure Active Directory Connect Health
• Knowledge check
• Summary and resources

• Introduction
• Manage external collaboration
• Exercise - configure external collaboration
• Invite external users - individually and in bulk
• Exercise - add guest users to directory
• Exercise - invite guest users bulk
• Demo - manage guest users in Azure Active Directory
• Manage external user accounts in Azure Active Directory
• Exercise - explore dynamic groups
• Configure identity providers
• Knowledge check
• Summary and resources

• Introduction
• Manage user passwords
• Explore pass-through authentication
• Enable multifactor authentication
• Explore self-service password management
• Implement Azure AD Smart Lockout
• Create and run an access review
• Knowledge check
• Summary

• Introduction
• Administer FIDO2 and passwordless authentication methods
• Implement an authentication solution based on Windows Hello for Business
• Exercise configure and deploy self-service password reset
• Deploy and manage password protection
• Implement and manage tenant restrictions
• Knowledge check
• Summary and resources

• Introduction
• Plan security defaults
• Exercise - Work with security defaults
• Plan Conditional Access policies
• Implement Conditional Access policy controls and assignments
• Exercise - Implement Conditional Access policies roles and assignments
• Test and troubleshoot Conditional Access policies
• Implement application controls
• Implement session management
• Exercise - Configure authentication session controls
• Configure smart lockout thresholds
• Exercise - Manage Azure Active Directory smart lockout values
• Knowledge check
• Summary and resources

• Introduction
• Define a privileged access strategy for administrative users
• Configure Privileged Identity Management for Azure resources
• Exercise configure Privileged Identity Management for Azure Active Directory roles
• Exercise assign Azure Active Directory roles in Privileged Identity Management
• Exercise assign Azure resource roles in Privileged Identity Management
• Analyze Privileged Identity Management audit history and reports
• Create and manage emergency access accounts
• Knowledge check
• Summary and resources

• Introduction
• Define access packages
• Exercise create and manage a resource catalog with Azure AD entitlement
• Configure entitlement management
• Exercise add terms of use acceptance report
• Exercise manage the lifecycle of external users with Azure AD identity governance
• Knowledge check
• Summary and resources

• Introduction
• Review identity protection basics
• Implement and manage user risk policy
• Exercise enable sign-in risk policy
• Exercise configure Azure Active Directory multi-factor authentication registration policy
• Monitor, investigate, and remediate elevated risky users
• Knowledge check
• Summary and resources