Identity Protection and Governance  (Coursera)

You will get acquainted with Conditional Access, multifactor authentication (MFA), and other capabilities. You will learn how to plan and configure privilege identity management (PIM). You will also learn how to manage, assign, activate, and approve requests for a privileged access group. You will explore how to investigate and remediate risks.

This course will give you an in-depth understanding of the shared responsibility model. You will learn to create policies and configure and deploy access to services using RBAC. You will see how to configure the built-in roles in Azure to control access to Azure resources. Finally, you will learn to monitor, maintain, and protect resources.

This is the second course in a series of seven courses that will prepare you to succeed in the AZ-500 exam.

This course is part of the Microsoft Azure Security Engineer Associate (AZ-500) Professional Certificate.

Sylabus

Identity protection and governance

Module 1

In this module, you will learn how to protect identities in Azure AD using Conditional Access, multifactor authentication (MFA), access reviews, and other capabilities. You will learn how to plan and configure privilege identity management (PIM) for roles and resources. You will also learn how to manage, assign, activate, and approve requests for a privileged access group. You will also learn how to investigate and remediate risks detected by Azure AD Identity Protection.

Policies, initiatives and recommendations

Module 2

In this module, you will learn about the core principles of enterprise governance. You will gain an in-depth understanding of the shared responsibility model and how it impacts security configuration. You will explore the Azure cloud security advantages. You will learn how to create policies to protect your solutions and configure and deploy access to services using role-based access control (RBAC). You will also learn about the Azure hierarchy of systems.

Role-based access control

Module 3

In this module, you will learn about Azure role-based access control (RBAC) and how to enable and assign RBAC roles, including the key differences between Azure Policy and RBAC. You will learn how to configure the built-in roles in Azure to control access to Azure resources, the structure of role definitions for access control, how to define custom role permissions, and create and assign a custom role to a user. You will also learn how to monitor, maintain, and protect resources. You will learn how to deploy Azure blueprints and design an Azure subscription management plan.

Project and graded assessment

Module 4

In this module, you will attempt a course-level ungraded project and graded assessment.