Time
8 hours 33 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Transcription

00:00
Hello, Cybrarians. Welcome to this demonstration on Azure AD Identity Protection.
00:06
This lesson is part of the second module of the AZ-500 Microsoft Azure Security Technologies course. Quick information on the tasks that we'll complete in this demo: we'll start by reviewing Azure AD licensing for Identity Protection. We'll then configure the user risk
00:24
and the sign-in risk policies in Identity Protection.
00:27
We'll conclude by validating the policies are applied by simulating a risk event. Let's get into this.
00:34
So the first thing that I'll do is to review my Azure AD tenant to ensure that I have the required edition for Identity Protection.
00:42
I'll also review where to configure Azure AD Identity Protection policies in the Azure portal. So here I am in the Azure portal. If I click on the portal menu icon on the left-hand side, and if I click on Azure AD,
00:57
now in the overview section, I can see that I have the Azure AD Premium P2 edition.
01:03
However, I can also go to Licenses
01:07
and I can click on Licensed features.
01:10
If I search for identity,
01:14
I can see the Identity Protection feature listed here, and I can see that yes, I am licensed for this feature.
01:22
If I go back to the main Azure AD window
01:25
and if I scroll down and click on Security,
01:27
under Security, I have Identity Protection here, and this is where we'll be completing the next tasks of configuring our Identity Protection policies.
01:38
So in the next task, we'll configure the user risk policy in Identity Protection.
01:44
Here's a visual representation of what I'll be doing.
01:48
I'll configure the user risk policy to include all users but exclude my designated break-glass account.
01:56
The policy will apply to all users that have a risk level of low and above, and the control that I'll apply is to require a password change. Let's get into this.
02:07
So here I am back in the Azure portal.
02:10
On the left-hand side, if I click on Identity Protection,
02:15
if I go ahead and click on User risk policy,
02:17
and on the assignment I click on that, and I select all users. However, I want to exclude my break-glass account, my designated break-glass account.
02:28
If I click on Exclude and I go to select excluded users,
02:32
I'll select David, which is the designated account, click on Select
02:38
and I'll click on Done.
02:39
Now, I want this to apply to any user that has a risk level of low and above, and I'll click on Conditions to configure this, so that's already selected. But if I click on the option to show you what other options are available, you can see that I can change that to medium and above or to high only. I'll just leave that as low and above and click on Select
02:59
and actually come down here
03:00
and the control that I want to apply is to require password change. However, I'll click on it just to show you other options that are available. You can see that I can block access, or I can allow access and require password change, which is what I want in this case. I'll just go ahead and click on Select.
03:17
I'll click on On to make sure that the policy is enforced, and I'll click on Save,
03:23
and that's successful, so we're good.
03:27
In the next task, I'll configure the sign-in risk policy in Identity Protection.
03:34
Here's a visual representation of what I'll be doing. I'll configure a sign-in risk policy that includes all users but excludes my designated break-glass account.
03:45
The policy will apply to all sign-in events that have a risk level of medium and above,
03:50
and the control that I'll be applying is to require MFA. Let's get into this.
03:55
So here I am back in the Azure portal. If I go ahead and click on Sign-in risk policy on the left-hand side,
04:02
if I click on the assignment and the users
04:05
and I leave that selected as all users, but I do want to exclude my designated break-glass account,
04:12
which is David, and I'll click on Select and I'll click on Done.
04:15
The condition that I want to apply is for medium and above risk levels,
04:20
but you can see the other options that are available there. I'll just leave that, click on Select and click on Done.
04:27
The control that I want to apply is to require MFA.
04:30
I'll click on that to show you the other options. I can block access, allow access, or allow access with MFA required, which is what I'll configure in this case.
04:40
Go ahead and click on Select. If I click on Save, I'll enforce the policy and I'll click on Save. Now that's successful, which means we're good.
04:47
In the final task of this demonstration, I'll be validating that the policies that I've configured are indeed being applied. I'll do this by simulating a risk event.
04:58
Here's a visual representation of what I'll be doing. I'll access an Azure AD application using a Tor browser, which will anonymize the IP address.
05:08
I'll be redirected to Azure AD, and I'll authenticate to it.
05:14
Identity Protection will then analyze the sign-in event and detect an anonymous IP address, which has a medium risk level.
05:23
Because our sign-in risk policy is configured to require MFA for risk levels medium and above, the user will be required to complete MFA.
05:32
However, the user that I will be using in this case has not yet registered for MFA, which means that their access will actually be blocked.
05:43
So here I am on my test machine, and my test machine has the Tor browser installed.
05:48
If I go ahead and open the Tor browser,
05:51
I'm just going to connect to the Tor network, which will anonymize the IP address.
05:57
I'll go ahead and access an Azure AD application, myapps.microsoft.com,
06:02
and I'm actually asked to authenticate to Azure AD.
06:05
If I go ahead and put in the username,
06:10
and if I click on next,
06:12
I'll actually enter the password for my user.
06:16
I'll go ahead and put that in and I'll click on Sign in.
06:21
Now I get an error message that says my sign-in was blocked, and again, the reason why I get this is because this user is yet to register for MFA. Assuming this user had registered for MFA, they'd actually be required to complete MFA.
06:38
Now if I go back to the Azure portal, and if I click back on Security and click on Identity Protection,
06:45
we need to give it a few minutes for the risk information to be displayed in the Azure portal. So there's a bit of a lag there.
06:51
So what I'll do is I'll pause the recording until the event has been detected.
06:57
and now it took a few minutes for the events to be displayed.
07:00
But if you go ahead and click on Risky sign-ins on the left-hand side, you can see the authentication failure for Brenda, and we can go ahead and review the reports down here,
07:11
so we can see that that failed, and we can see the user that signed in. We can go ahead and see the device information, and the risk information being anonymous IP address detected.
07:21
And we can go ahead and view the information there. The other thing that we can do is you can configure notifications, so notifications to be sent based on the alerts, and we can specify the user risk level that we want notifications to be sent at.
07:36
We can also configure notifications to be sent on a weekly basis, so that we're just getting a weekly report based on the detections that have happened.
07:46
So here's a summary of the tasks that were completed in this demonstration.
07:50
We started by reviewing Azure AD licensing for Identity Protection.
07:56
We then configured the user risk and sign-in risk policies in Identity Protection to force a password reset for any user with a risk level of low and above, and also to require MFA for any sign-in activity with a risk level of medium and above.
08:13
In both cases, we excluded a designated break-glass account according to best practices.
08:18
We concluded by validating the policies are applied by simulating a risk event.
08:24
This brings us to the end of this lesson. Thanks very much for watching, and I'll see you in the next lesson.

Up Next

AZ-500: Microsoft Azure Security Technologies

In the AZ-500 Microsoft Azure Security Technologies training, students will learn the skills that are needed to pass the AZ-500 certification exam. All exam topics are covered as well as exam preparation strategies and hands-on practice.

Instructed By

David Okeyode
Cloud Security Architect
Instructor