Implementing Multi-Factor Authentication
Configuring Application Access
Implementing Access for External users
The course is part of this learning path
This course has been designed to teach you how to manage Microsoft 365 access and authentication. The content in this course will help prepare you for the Microsoft 365 Identity and Services exam.
The topics covered within this course include:
- Managing Authentication
- Implementing Multi-Factor Authentication
- Configuring Application Access
- Implementing Access for External Users of Microsoft 365 Workloads
Who should attend this course?
- Those who are preparing for the Microsoft 365 Identity and Services exam
- Those looking to learn more about Microsoft 365
- To learn how to configure and monitor authentication
- To learn how to administer MFA and report on its utilization
- To learn how to configure application registration and use Azure AD Application Proxy
- To learn how to use Azure Active Directory B2B to add and manage external users
To get the most from this course, you should at least be familiar with the Microsoft 365 offering and have a general understanding of its features.
About the Author
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.
- [Narrator] Authentication refers to the act of challenging a user for credentials when trying to access a resource. What this does is form the foundation for creating security principles that are used for identity and access control. More simply put, authentication is the process of proving that you are whom you say you are. To protect against stolen passwords and compromised credentials, best practices dictate that organizations require a second authentication factor in addition to a password when planning or managing authentication in Azure. That said, Azure AD provides features such as multi-factor authentication and self-service password reset or SSPR to help administrators protect against compromised credentials. Scenarios that benefit from MFA and SSPR typically include use cases, such as those where users need to sign-in to applications or where users need help with password resets. By leveraging authentication features like MFA and SSPR users will be asked to provide additional verification that they are who they say they are when trying to access resources. Such verification information that users might be asked to provide include things like a passcode that's provided in an email or a text message, a phone call, a notification or a code on their phone, or maybe answers to security questions that were set up previously. Azure MFA and SSPR provide administrators with improved controls that allow them to protect their organizations. SSPR or self-service password reset allows users to reset their passwords without any administrator intervention whenever they need to. Features offered by SSPR include password changes, password resets, and account unlocks. Password change allows a user who knows his password to change it to something new. Password reset, however, allows a user who has forgotten his password to reset that password using one or more approved authentication methods. Account unlock allows a locked out user to unlock his or her account using one or more approved authentication methods. Azure MFA is Microsoft's two step verification solution that allows an administrator to configure pre-approved authentication methods that users must use to authenticate before accessing resources. Azure MFA or multi-factor authentication helps safeguard access to data and applications, while maintaining a simplified sign-in process for end users.