You're reading from Microsoft Identity and Access Administrator Exam Guide Implement IAM solutions with Azure AD, build an identity governance strategy, and pass the SC-300 exam

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781801818049

Length 452 pages

Edition 1st Edition

Languages

Tools

Azure

Concepts

Identity Management

Author (1):

Dwayne Natwick

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1 – Exam Overview and the Evolution of Identity and Access Management

2. Chapter 1: Preparing for Your Microsoft Exam FREE CHAPTER

3. Chapter 2: Defining Identity and Access Management

4. Section 2 - Implementing an Identity Management Solution

5. Chapter 3: Implementing and Configuring Azure Active Directory

6. Chapter 4: Creating, Configuring, and Managing Identities

7. Chapter 5: Implementing and Managing External Identities and Guests

8. Chapter 6: Implementing and Managing Hybrid Identities

9. Section 3 – Implementing an Authentication and Access Management Solution

10. Chapter 7: Planning and Implementing Azure Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR)

11. Chapter 8: Planning and Managing Password-Less Authentication Methods

12. Chapter 9: Planning, Implementing, and Administering Conditional Access and Azure Identity Protection

13. Section 4 – Implementing Access Management for Applications

14. Chapter 10: Planning and Implementing Enterprise Apps for Single Sign-On (SSO)

15. Chapter 11: Monitoring Enterprise Apps with Microsoft Defender for Cloud Apps

16. Section 5 – Planning and Implementing an Identity Governance Strategy

17. Chapter 12: Planning and Implementing Entitlement Management

18. Chapter 13: Planning and Implementing Privileged Access and Access Reviews

19. Section 6 – Monitoring and Maintaining Azure Active Directory

20. Chapter 14: Analyzing and Investigating Sign-in Logs and Elevated Risk Users

21. Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

22. Chapter 16: Mock Test

23. Other Books You May Enjoy

Reviewing Azure AD activity by using Log Analytics and Microsoft Sentinel

In this section, we will go through the step-by-step process of running a log query for Azure AD activity within Microsoft Sentinel. We will also step through how to review Azure AD workbooks and save the workbooks for monitoring, reviewing, and exporting:

Navigate to your Microsoft Sentinel workspace from within portal.azure.com:

Figure 15.17 – Microsoft Sentinel workspace

Select Logs under the General menu to access the Log Analytics workspace that is connected to Microsoft Sentinel. There is a video available here to provide an overview of Log Analytics. Select the X icon at the top right to close this video window: