You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781801818049

Length 452 pages

Edition 1st Edition

Languages

Tools

Azure

Concepts

Identity Management

Author (1):

Dwayne Natwick

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1 – Exam Overview and the Evolution of Identity and Access Management

2. Chapter 1: Preparing for Your Microsoft Exam FREE CHAPTER

3. Chapter 2: Defining Identity and Access Management

4. Section 2 - Implementing an Identity Management Solution

5. Chapter 3: Implementing and Configuring Azure Active Directory

6. Chapter 4: Creating, Configuring, and Managing Identities

7. Chapter 5: Implementing and Managing External Identities and Guests

8. Chapter 6: Implementing and Managing Hybrid Identities

9. Section 3 – Implementing an Authentication and Access Management Solution

10. Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)

11. Chapter 8: Planning and Managing Password-Less Authentication Methods

12. Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection

13. Section 4 – Implementing Access Management for Applications

14. Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)

15. Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps

16. Section 5 – Planning and Implementing an Identity Governance Strategy

17. Chapter 12: Planning and Implementing Entitlement Management

18. Chapter 13: Planning and Implementing Privileged Access and Access Reviews

19. Section 6 – Monitoring and Maintaining Azure Active Directory

20. Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users

21. Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

22. Chapter 16: Mock Test

23. Other Books You May Enjoy

Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel

In the previous chapter, we discussed how to access and use activity logs and audit logs to review user activity and filter that activity for monitoring, reporting, and managing potential vulnerabilities and threats. In this chapter, we will discuss how we can use this information within Microsoft Sentinel and third-party SIEM solutions to provide an integration of these logs to handle security operations more efficiently in one location.

This section will provide guidance on how to export logs to Microsoft Sentinel. The next section will discuss how to export logs to third-party security tools, if you are not utilizing Microsoft Sentinel. Let's start by explaining Microsoft Sentinel and what SIEM and security orchestration automated response (SOAR) solutions are.

A SIEM is a solution within a security operations center that gathers logs and events from various appliances and software...

The rest of the chapter is locked

You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Table of Contents (24) Chapters

Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel

Authors (1)

Personalised recommendations for you

You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Table of Contents (24) Chapters

Enabling and integrating Azure AD diagnostic logs with Log Analytics and Microsoft Sentinel

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you