Professional Documents
Culture Documents
SC900 - 02 - Identité
SC900 - 02 - Identité
Security,
Compliance, and
Identity
Fundamentals
Identité et gestion
des accès
https://aka.ms/sc900academy
Agenda
Save the date
Azure Active Directory
Identités hybrides
Authentification
Gestion des accès
Gouvernance et protection des identités
Ressources
https://aka.ms/sc900academy
Save the date
Date Thème
https://aka.ms/sc900academy
Introduction
Overview of Microsoft Certified: Get started at
Security, Compliance, and Identity Fundamentals aka.ms/SecurityCerts_Fundamentals
Start here
Decide if this is the right Upskill with recommended Pass required exam to
certification for you training and experience earn your certification
Additional resources
• Microsoft Docs
This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. This is a
broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Sujets :
Describe the concepts of security, compliance, and identity (10-15%)
Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft
Entra (25-30%)
Describe the capabilities of Microsoft security solutions (25-30%)
Describe the capabilities of Microsoft compliance solutions (25-30%)
Describe the capabilities of Microsoft Identity and
Access Management Solutions (25-30%)
Verified ID
Enable more secure interactions while respecting
privacy with an industry-leading global platform.
Basic Identity Services and Identity Types
Azure Active Directory
Licensing
Azure AD Free
Azure AD for Office 365 Apps
Azure AD Premium P1
Azure AD Premium P2
Azure AD identity types
User
A representation of something that's managed by Azure AD
Service Principal
A security identity used by applications or services to access specific Azure resources
Managed Identity
Manage the credentials for authenticating a cloud application with an Azure service
System-assigned
User-assigned
Device
Azure AD registered
Azure AD joined
Hybrid Azure AD joined
External Identities
Guests
B2B
B2C
Hybrid identities
Synchronization
Authentication
Password hash synchronization (PHS)
Pass-through authentication (PTA)
Federated authentication (ADFS,…)
Knowledge check
Authentication capabilities
Multifactor Authentication
MFA
Something you know
Something you have
Something you are
Security Defaults
Goal
Ensure that all organizations have a basic level of security enabled at no extra cost
Policies
Requiring all users to register for Azure AD Multi-Factor Authentication.
Requiring administrators to perform multi-factor authentication.
Blocking legacy authentication protocols.
Requiring users to perform multi-factor authentication when necessary.
Protecting privileged activities like access to the Azure portal.
User
Assigned an Azure AD license
Enabled for SSPR
Registered, with the authentication methods they want to use
Authentication methods
Mobile app notification, Mobile app code, Email, Mobile phone, Office phone, Security
questions
Password protection
Goal
Reduce the risk of users setting weak passwords
Custom Roles
RBAC
Principle of least privilege
Knowledge check
Identity Protection and Governance Capabilities
Identity governance
Azure AD Identity Governance
• Govern the identity lifecycle.
• Govern access lifecycle.
• Secure privileged access for administration
Entitlement management
Goal :
Identity governance, automate access, request workflows, access assignments, reviews, and
expiration.
Azure AD Premium P2
Access Reviews
Term of Use
Privileged identity Management
Goal
Provide Privileged Access only when needed
Identity Protection
Goal
Automate the detection and remediation of identity-based risks
User Risk
Sign-in Risk
Knowledge check
Ressources
Les ressources
Acronyms: https://aka.ms/MSAcronyms