You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781801818049

Length 452 pages

Edition 1st Edition

Languages

Tools

Azure

Concepts

Identity Management

Author (1):

Dwayne Natwick

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1 – Exam Overview and the Evolution of Identity and Access Management

2. Chapter 1: Preparing for Your Microsoft Exam FREE CHAPTER

3. Chapter 2: Defining Identity and Access Management

4. Section 2 - Implementing an Identity Management Solution

5. Chapter 3: Implementing and Configuring Azure Active Directory

6. Chapter 4: Creating, Configuring, and Managing Identities

7. Chapter 5: Implementing and Managing External Identities and Guests

8. Chapter 6: Implementing and Managing Hybrid Identities

9. Section 3 – Implementing an Authentication and Access Management Solution

10. Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)

11. Chapter 8: Planning and Managing Password-Less Authentication Methods

12. Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection

13. Section 4 – Implementing Access Management for Applications

14. Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)

15. Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps

16. Section 5 – Planning and Implementing an Identity Governance Strategy

17. Chapter 12: Planning and Implementing Entitlement Management

18. Chapter 13: Planning and Implementing Privileged Access and Access Reviews

19. Section 6 – Monitoring and Maintaining Azure Active Directory

20. Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users

21. Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

22. Chapter 16: Mock Test

23. Other Books You May Enjoy

Exporting sign-in and audit logs to a third-party SIEM

Azure Monitor is the Azure solution that most Azure services utilize for activity, event, and security logging. Azure AD, Azure Resource Manager, Azure Firewall, and Microsoft Defender for Cloud all utilize integration with Azure Monitor for monitoring and managing activity within Azure. The previous section discussed how to use and connect Microsoft Sentinel for monitoring, managing, and alerting on security activity based on these logs through Azure Monitor and Log Analytics. Companies that currently have a third-party SIEM and/or SOAR solution can also connect to Azure Monitor to monitor Azure AD activity. Azure Monitor routes the logs through Azure Event Hubs to deliver the log data to external applications.

More information on connecting Azure Monitor to third-party SIEM solutions for Azure AD logs can be found at this link: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/overview-monitoring...

The rest of the chapter is locked

You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Table of Contents (24) Chapters

Exporting sign-in and audit logs to a third-party SIEM

Authors (1)

Personalised recommendations for you

You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Table of Contents (24) Chapters

Exporting sign-in and audit logs to a third-party SIEM

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you