When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Certificate?

When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Identity Protection and Governance 

This course is part of Microsoft Azure Security Engineer Associate (AZ-500) Professional Certificate

Instructor: Microsoft

4,531 already enrolled

Included with

Learn more

4 modules

Gain insight into a topic and learn the fundamentals.

23 reviews

Intermediate level

Recommended experience

2 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

4 modules

Gain insight into a topic and learn the fundamentals.

23 reviews

Intermediate level

Recommended experience

2 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Explain the features of Azure AD Identity Protection.
Explain how to configure Azure ADPIM and work with Azure AD groups and guests.
Implement and configure Azure policies and RBAC in Azure.
Enable resource locks and deploy blueprints in Azure.

Skills you'll gain

Tools you'll learn

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

11 assignments¹

AI Graded see disclaimer

Taught in English

91% of learners achieved a positive career outcome

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your Cloud Computing expertise

This course is part of the Microsoft Azure Security Engineer Associate (AZ-500) Professional Certificate

When you enroll in this course, you'll also be enrolled in this Professional Certificate.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate from Microsoft

There are 4 modules in this course

Microsoft Azure provides a comprehensive suite of security tools and services to help you safeguard your organization's data and applications. Identity Protection and governance is the right course for you if you want to become an Azure security engineer.

In this course, you will learn how to protect identities in Azure AD, the core principles of enterprise governance, and Azure role-based access control (RBAC). You will get acquainted with Conditional Access, multifactor authentication (MFA), and other capabilities. You will learn how to plan and configure privilege identity management (PIM). You will also learn how to manage, assign, activate, and approve requests for a privileged access group. You will explore how to investigate and remediate risks. This course will give you an in-depth understanding of the shared responsibility model. You will learn to create policies and configure and deploy access to services using RBAC. You will see how to configure the built-in roles in Azure to control access to Azure resources. Finally, you will learn to monitor, maintain, and protect resources. This is the second course in a series of seven courses that will prepare you to succeed in the AZ-500 exam.

Module details

In this module, you will learn how to protect identities in Azure AD using Conditional Access, multifactor authentication (MFA), access reviews, and other capabilities. You will learn how to plan and configure privilege identity management (PIM) for roles and resources. You will also learn how to manage, assign, activate, and approve requests for a privileged access group. You will also learn how to investigate and remediate risks detected by Azure AD Identity Protection.

What's included

20 videos14 readings4 assignments1 discussion prompt

20 videosTotal 108 minutes

Introduction to the course5 minutes
Overview of Azure Active Directory Identity Protection8 minutes
Configure risk event detections4 minutes
Detect risks with Azure Active Directory identity protection policies5 minutes
Multifactor authentication and identity protection8 minutes
What is conditional access?5 minutes
Implement access reviews5 minutes
Investigate and remediate risks detected by Azure Active Directory identity protection6 minutes
Overview of Azure Active Directory Privileged Identity Management7 minutes
Explore the zero trust model5 minutes
The evolution of identity management4 minutes
Plan a Privileged Identity Management deployment7 minutes
Assign Azure Active Directory roles in Privileged Identity Management5 minutes
Activate an Azure Active Directory role in Privileged Identity Management4 minutes
Approve or deny requests for Azure Active Directory roles in Privileged Identity Management4 minutes
Implement a workflow5 minutes
Managing privileged access Azure Active Directory groups5 minutes
Activate privileged access group roles and approve activation requests6 minutes
Invite guest users and assign Azure resource roles4 minutes
Module summary6 minutes

14 readingsTotal 158 minutes

How to be successful in this course5 minutes
Implement user risk and sign-in policies3 minutes
Configure conditional access and access reviews7 minutes
Exercise: Multifactor authentication, Conditional Access and Azure Active Directory Identity Protection30 minutes
Solution: Multifactor authentication, Conditional Access and Azure Active Directory Identity Protection5 minutes
Smart lockout 5 minutes
Configure Privileged Identity Management scope10 minutes
Exercise: Configure Azure Active Directory Privileged Identity Management for roles and resources30 minutes
Solution: Configure Azure Active Directory Privileged Identity Management for roles and resources30 minutes
Additional resources: Privileged Identity Management5 minutes
Assign eligibility for a privileged access group5 minutes
Exercise: Configure Azure Active Directory Privileged Identity Management for groups15 minutes
Solution: Configure Azure Active Directory Privileged Identity Management for groups5 minutes
Additional resources: Bring groups into Privileged Identity Management3 minutes

4 assignmentsTotal 75 minutes

Knowledge check: Deploy Azure Active Directory identity protection15 minutes
Knowledge check: Azure Active Directory Privileged Identity Management15 minutes
Knowledge check: Working with Azure Active Directory groups and guests in Azure Privileged Identity Management15 minutes
Module quiz: Identity protection and governance30 minutes

1 discussion promptTotal 5 minutes

Meet & greet5 minutes

In this module, you will learn about the core principles of enterprise governance. You will gain an in-depth understanding of the shared responsibility model and how it impacts security configuration. You will explore the Azure cloud security advantages. You will learn how to create policies to protect your solutions and configure and deploy access to services using role-based access control (RBAC). You will also learn about the Azure hierarchy of systems.

What's included

7 videos9 readings3 assignments

7 videosTotal 37 minutes

Overview of the shared responsibility model5 minutes
Explore the Azure cloud security advantages5 minutes
Review Azure hierarchy of systems6 minutes
Overview of Azure policies5 minutes
Azure policy effects7 minutes
Group policies into initiatives4 minutes
Module summary6 minutes

9 readingsTotal 107 minutes

The shared responsibility model in depth14 minutes
Policies, initiatives, and recommendations9 minutes
Additional resources: Core principles of enterprise governance3 minutes
Azure built-in policies13 minutes
Azure policy definition structure13 minutes
Get compliance data of Azure resources10 minutes
Built-in initiatives10 minutes
Exercise: Implement Azure Policy30 minutes
Solution: Implement Azure Policy5 minutes

3 assignmentsTotal 60 minutes

Knowledge check: Core principles of enterprise governance15 minutes
Knowledge check: Policies15 minutes
Module quiz: Policies, initiatives and recommendations30 minutes

In this module, you will learn about Azure role-based access control (RBAC) and how to enable and assign RBAC roles, including the key differences between Azure Policy and RBAC. You will learn how to configure the built-in roles in Azure to control access to Azure resources, the structure of role definitions for access control, how to define custom role permissions, and create and assign a custom role to a user. You will also learn how to monitor, maintain, and protect resources. You will learn how to deploy Azure blueprints and design an Azure subscription management plan.