Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7

Video Transcription

00:00
Welcome back, Sudbury ins to the M s 3 65 Security Administration course.
00:06
I'm your instructor, Jim Daniels.
00:08
In this video, we're still a model to identity and access,
00:12
but we're starting Lesson three access management
00:15
with part one conditional access.
00:19
In this lesson, we're gonna learn what conditional access is how it helps secure your environment,
00:26
how conditional access, policies, work
00:28
and the principles of the zero trust model.
00:32
Conditional access.
00:34
If this then that if this condition is meant, this action happens,
00:40
conditions and actions can be positive. Negative. Working the layered.
00:44
You seen the movie, Goonies?
00:47
You know what this picture is from
00:49
if you haven't seen the movie Goonies, Shame on you,
00:52
for this example. Just saw with me
00:55
Chung cast to perform the truffle shuffle
00:58
as a condition
00:59
in order to get in the Mikey's house.
01:02
So the condition is when the user
01:03
is chunk
01:06
Is the truffle shuffle true or false?
01:08
If it's true, he's performed it and he's allowed the action of going into Mikey's house
01:15
Conditional access. If this, then that
01:19
conditional access is comprised of signals
01:22
which include user geo location device, whether the device maybe is compliant. What unless it has road time risk
01:32
if it's a risk factors type of analysis in application.
01:37
This is just someone of signals that you can use as a foundation for your conditional access.
01:42
Every access is
01:45
it's in
01:46
every attended. Access is verified. Based on those signals.
01:49
You can either block access, allow access or require M F A
01:55
as a second authentication factor before you allow access.
02:00
Conditional access policies could be applied based on the vice state application, sensitivity, location and other rules.
02:07
Slon We just looked at
02:09
this. Is that same slide broken down a little bit more?
02:14
These are all signals.
02:15
User may be a member of a certain group,
02:17
maybe a geo location, maybe a certain i p
02:22
The device, maybe if it's marked as compliant, non compliant. If there is an active threat on the device at the platform, maybe it's Windows versus Mac of this.
02:32
Maybe he's IOS device. So where goes into a mobile topic? Conditional. Access
02:38
all of these different signals, either by themselves or combine and layered
02:43
make up an expansive array of conditional access policies that you can create that suits your environment, your organization and your security posture.
02:53
So as her 80 conditional Access and Federated Authentication.
02:58
No.
02:59
When, As Brady has Federated authentication,
03:02
the service handles the authentication into Azure 80. Refusing Federated authentication
03:08
damp indication doesn't happen in Azure et happens when you're
03:14
Federated Service.
03:15
So if you need to
03:16
set up conditional access policies for non m s racist, the final maps
03:22
you have to set up via a DFS
03:24
that's important. If you just want to have m s straight 65 conditional access policies
03:30
you said them right up in that straight 65
03:34
zero trust trust no one
03:37
basically what it is. Instead of giving people access
03:40
and the fun went down, no one gets access
03:44
and then slowly verified based on the access that they need.
03:50
Explosive verification of every access request if you want access is something is going to verify
03:55
least privileged access.
03:58
You only get access to do what you need to do for your job.
04:02
If your job doesn't dictate it, you will never get access to it. Least privileged. Suggest in Time jit risk based access policies that works with release privilege, access
04:15
brief mentality always acts If your organization was breached
04:18
80 to minimize the potential damage and that of us. Think semis already inside your network, you need to close off what you can close off that says you're a trust. Those are the three pillars of zero trust
04:32
zero Trust with the necessary 65
04:35
who goes are three pillars. Each column Explicit verification you can use when this alert. For business, multi factor authentication. Strengthen your past for policies. Conditional access. You extend the management for a moon prim to the cloud within tune or indium
04:53
least purples access.
04:55
Minimize Adnan assignments.
04:57
Regular audits of who has as privileged access
05:00
for clothes and then the management pin. We talked about that previously.
05:03
Just in time. Controls expiring Rolls Center rolls up to auto expire.
05:09
Briefs mentality
05:10
cloud have security. We'll talk about that in the future. Defender. 80 p 03 65. 80 p as your 80 p. That's a lot of 80 piece would talk about all of those 80 piece as well. And as we're in front projection
05:21
all of those help with the brief mentality. Pillar off zero Trust.
05:27
One tool you may want to use is as your 80 application proxy.
05:30
They was access to one premise. Weather applications from a remote client.
05:34
The proxy service runs in the cloud,
05:38
but the connector runs when one premise server
05:42
users are past the sign and token from as rady to weather.
05:46
You can replace the need for a VPN or reverse proxy
05:50
can use as a radi conditional access for on premise apso. Remember before
05:55
where we said, Hey,
05:57
if you want one for Miss Applications tohave conditional access, you have to use a D. A office.
06:01
Not so fast, my friend.
06:03
This is how you get around it.
06:05
You don't want to invest in a DFS, but you still have on premise whether applications that you want to do conditional access against this is your answer. As radi at proxy,
06:16
you can use it for on premise APS.
06:18
It's a proxy
06:20
only algo in connection from one premise suffers require, so there's no incoming connection.
06:27
Magic
06:28
quiz.
06:29
Were you paying attention when I talked about zero Trust
06:32
What is not a core tenet or core pillar of the zero trust security model?
06:39
Explosive verification?
06:41
Assume the breach mentality,
06:44
least privileged access
06:46
or backup of authentication logs.
06:48
What is not a core tenant?
06:51
If you said
06:54
anything that dear incorrect
06:56
dancers de backed up of authentication logs.
07:00
That's always a good thing to do. However, it's not a Cortina Zero Trust for zero Trust.
07:05
You want explosive verification. You want to always assume you've been breached,
07:11
and you won't least privileged access
07:14
for your users
07:15
to recap this very quick lesson.
07:17
Conditional Access takes a variety of signals,
07:21
applies criteria to those signals and then forces in action
07:26
based upon the results.
07:28
Zero Trust model has three main areas. Explosive verification,
07:33
least privileged access
07:35
and assume you've been breached
07:39
as her 80 application proxy allows remote access to one premises application
07:46
and then reduces the need for VP and reverse proxy.
07:48
Thank you for joining me on this lesson. I look to see you for the next one.
07:53
Take care.

Up Next

MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By

Instructor Profile Image
Jim Daniels
IT Architect
Instructor