You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781801818049

Length 452 pages

Edition 1st Edition

Languages

Tools

Azure

Concepts

Identity Management

Author (1):

Dwayne Natwick

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1 – Exam Overview and the Evolution of Identity and Access Management

2. Chapter 1: Preparing for Your Microsoft Exam FREE CHAPTER

3. Chapter 2: Defining Identity and Access Management

4. Section 2 - Implementing an Identity Management Solution

5. Chapter 3: Implementing and Configuring Azure Active Directory

6. Chapter 4: Creating, Configuring, and Managing Identities

7. Chapter 5: Implementing and Managing External Identities and Guests

8. Chapter 6: Implementing and Managing Hybrid Identities

9. Section 3 – Implementing an Authentication and Access Management Solution

10. Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)

11. Chapter 8: Planning and Managing Password-Less Authentication Methods

12. Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection

13. Section 4 – Implementing Access Management for Applications

14. Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)

15. Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps

16. Section 5 – Planning and Implementing an Identity Governance Strategy

17. Chapter 12: Planning and Implementing Entitlement Management

18. Chapter 13: Planning and Implementing Privileged Access and Access Reviews

19. Section 6 – Monitoring and Maintaining Azure Active Directory

20. Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users

21. Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

22. Chapter 16: Mock Test

23. Other Books You May Enjoy

Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

The previous chapter covered how to analyze, review, and investigate our logs and events to protect against risky sign-ins and elevated-risk users. This included creating reports and reviewing insights for user activity to recognize potential vulnerabilities and alert against possible threats. In this chapter, we will discuss how to integrate and enable the use of these logs with Microsoft Sentinel or a third-party security incident and event management (SIEM) solution. This will include how to use Log Analytics with Kusto queries to review activity in Microsoft Sentinel.

In this chapter, we're going to cover the following main topics:

Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel
Exporting sign-in and audit logs to a third-party SIEM
Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel

The rest of the chapter is locked

You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Table of Contents (24) Chapters

Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

Authors (1)

Personalised recommendations for you

You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Table of Contents (24) Chapters

Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you