Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

MS-500 part 1 - Implement and manage identity and access

Microsoft via Microsoft Learn

Overview

  • Module 1: Create, configure, and manage identities
  • At the end of this module, you will be able to:

    • Create, configure, and manage users
    • Create, configure, and manage groups
    • Manage licenses
  • Module 2: Explore identity synchronization
  • By the end of this module, you'll be able to:

    • Describe the Microsoft 365 authentication and provisioning options
    • Explain directory synchronization
    • Explain how Azure AD Connect enables coexistence between your on-premises Active Directory environment and Microsoft 365
  • Module 3: Implement and manage hybrid identity
  • By the end of this module you will be able to:

    • Plan, design, and implement Azure Active Directory Connect (AADC)
    • Manage Azure Active Directory Connect (AADC)
    • Manage password hash synchronization (PHS)
    • Manage pass-through authentication (PTA)
    • Manage seamless single sign-on (Seamless SSO)
    • Manage federation excluding manual ADFS deployments
    • Troubleshoot synchronization errors
    • Implement and manage Azure Active Directory Connect Health
  • Module 4: Implement and manage external identities
  • By the end of this module, you will be able to:

    • Manage external collaboration settings in Azure Active Directory
    • Invite external users (individually or in bulk)
    • Manage external user accounts in Azure Active Directory
    • Configure identity providers (social and SAML/WS-fed)
  • Module 5: Explore password management in Microsoft 365
  • By the end of this module, you will be able to:

    • Manage user passwords
    • Describe pass-through authentication
    • Enable multifactor authentication
    • Describe self-service password management
    • Implement Azure AD Smart Lockout
    • Create and perform an access review
  • Module 6: Manage user authentication
  • By the end of this module, you will be able to:

    • Administer authentication methods (FIDO2 / Passwordless)
    • Implement an authentication solution based on Windows Hello for Business
    • Configure and deploy self-service password reset
    • Deploy and manage password protection
    • Implement and manage tenant restrictions
  • Module 7: Plan, implement, and administer Conditional Access
  • By the end of this module, you will be able to:

    • Plan and implement security defaults.
    • Plan Conditional Access policies.
    • Implement Conditional Access policy controls and assignments (targeting, applications, and conditions).
    • Test and troubleshoot Conditional Access policies.
    • Implement application controls.
    • Implement session management.
    • Configure smart lockout thresholds.
  • Module 8: Plan and implement privileged access
  • By the end of this module, you will be able to:

    • Define a privileged access strategy for administrative users (resources, roles, approvals, and thresholds)
    • Configure Privileged Identity Management for Azure AD roles
    • Configure Privileged Identity Management for Azure resources
    • Assign roles
    • Manage PIM requests
    • Analyze PIM audit history and reports
    • Create and manage emergency access accounts
  • Module 9: Plan and implement entitlement management
  • By the end of this module, you will be able to:

    • Define catalogs.
    • Define access packages.
    • Plan, implement and manage entitlements.
    • Implement and manage terms of use.
    • Manage the lifecycle of external users in Azure AD Identity Governance settings.
  • Module 10: Manage Azure AD Identity Protection
  • By the end of this module you will be able to:

    • Implement and manage a user risk policy
    • Implement and manage sign-in risk policies
    • Implement and manage MFA registration policy
    • Monitor, investigate, and remediate elevated risky users

Syllabus

  • Module 1: Create, configure, and manage identities
    • Introduction
    • Create, configure, and manage users
    • Exercise - assign licenses to users
    • Exercise - restore or remove deleted users
    • Create, configure, and manage groups
    • Exercise - add groups in Azure Active Directory
    • Manage licenses
    • Exercise - change group license assignments
    • Exercise - change user license assignments
    • Knowledge check
    • Summary and resources
  • Module 2: Explore identity synchronization
    • Introduction
    • Examine authentication options in Microsoft 365
    • Examine provisioning options in Microsoft 365
    • Explore directory synchronization
    • Explore Azure AD Connect
    • Knowledge check
    • Summary
  • Module 3: Implement and manage hybrid identity
    • Introduction
    • Plan, design, and implement Azure Active Directory Connect
    • Implement manage password hash synchronization (PHS)
    • Implement manage pass-through authentication (PTA)
    • Demo - Manage pass-through authentication and seamless single sign-on
    • Implement and manage federation
    • Trouble-shoot synchronization errors
    • Implement Azure Active Directory Connect Health
    • Manage Azure Active Directory Connect Health
    • Knowledge check
    • Summary and resources
  • Module 4: Implement and manage external identities
    • Introduction
    • Manage external collaboration
    • Exercise - configure external collaboration
    • Invite external users - individually and in bulk
    • Exercise - add guest users to directory
    • Exercise - invite guest users bulk
    • Demo - manage guest users in Azure Active Directory
    • Manage external user accounts in Azure Active Directory
    • Exercise - explore dynamic groups
    • Configure identity providers
    • Knowledge check
    • Summary and resources
  • Module 5: Explore password management in Microsoft 365
    • Introduction
    • Manage user passwords
    • Explore pass-through authentication
    • Enable multifactor authentication
    • Explore self-service password management
    • Implement Azure AD Smart Lockout
    • Create and run an access review
    • Knowledge check
    • Summary
  • Module 6: Manage user authentication
    • Introduction
    • Administer FIDO2 and passwordless authentication methods
    • Implement an authentication solution based on Windows Hello for Business
    • Exercise configure and deploy self-service password reset
    • Deploy and manage password protection
    • Implement and manage tenant restrictions
    • Knowledge check
    • Summary and resources
  • Module 7: Plan, implement, and administer Conditional Access
    • Introduction
    • Plan security defaults
    • Exercise - Work with security defaults
    • Plan Conditional Access policies
    • Implement Conditional Access policy controls and assignments
    • Exercise - Implement Conditional Access policies roles and assignments
    • Test and troubleshoot Conditional Access policies
    • Implement application controls
    • Implement session management
    • Exercise - Configure authentication session controls
    • Configure smart lockout thresholds
    • Exercise - Manage Azure Active Directory smart lockout values
    • Knowledge check
    • Summary and resources
  • Module 8: Plan and implement privileged access
    • Introduction
    • Define a privileged access strategy for administrative users
    • Configure Privileged Identity Management for Azure resources
    • Exercise configure Privileged Identity Management for Azure Active Directory roles
    • Exercise assign Azure Active Directory roles in Privileged Identity Management
    • Exercise assign Azure resource roles in Privileged Identity Management
    • Analyze Privileged Identity Management audit history and reports
    • Create and manage emergency access accounts
    • Knowledge check
    • Summary and resources
  • Module 9: Plan and implement entitlement management
    • Introduction
    • Define access packages
    • Exercise create and manage a resource catalog with Azure AD entitlement
    • Configure entitlement management
    • Exercise add terms of use acceptance report
    • Exercise manage the lifecycle of external users with Azure AD identity governance
    • Knowledge check
    • Summary and resources
  • Module 10: Manage Azure AD Identity Protection
    • Introduction
    • Review identity protection basics
    • Implement and manage user risk policy
    • Exercise enable sign-in risk policy
    • Exercise configure Azure Active Directory multi-factor authentication registration policy
    • Monitor, investigate, and remediate elevated risky users
    • Knowledge check
    • Summary and resources

Reviews

Start your review of MS-500 part 1 - Implement and manage identity and access

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.