Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 2: Managing Security and Hybrid Identity Integration

About this listen

In this lesson, you’ll learn about securing and managing hybrid identities using Azure Active Directory, bridging on-premises infrastructure with cloud services:
Identity Security and Access Control
  • Conditional Access & MFA:
    • Define access policies based on conditions like location, device state, or risk level
    • Enforce Multi-Factor Authentication (MFA) or block suspicious logins
  • Azure AD Password Protection:
    • Prevent weak passwords using:
      • Microsoft’s global banned password list
      • Custom organization-specific banned terms
    • Smart Lockout to mitigate brute-force attacks
Hybrid Identity with Azure AD Connect
  • Custom Domain Integration:
    • Add and verify domains (e.g., company.com) via DNS
    • Enable users to authenticate with corporate credentials instead of default domains
  • Authentication Methods:
    • Password Hash Synchronization (PHS):
      • Sync password hashes to the cloud
      • Reduces dependency on on-prem infrastructure
    • Pass-through Authentication (PTA):
      • Validates credentials directly against on-prem Active Directory
      • No password storage in the cloud
    • Federation (ADFS):
      • Uses a trusted identity provider (STS)
      • Supports advanced scenarios like smart cards and on-prem MFA
Monitoring and Health
  • Azure AD Connect Health:
    • Monitor sync status and performance
    • Detect connectivity issues and failures
    • Maintain reliability of hybrid identity infrastructure
Hands-On Implementation
  • Setting up a lab with:
    • Windows Server (e.g., domain controller simulation)
    • PowerShell scripts to automate user and group creation
  • Installing and configuring Azure AD Connect:
    • Using express settings for quick deployment
    • Synchronizing on-prem identities with Azure AD
Key Takeaways
  • Hybrid identity enables seamless Single Sign-On (SSO) across environments
  • Security is enforced through layered controls (MFA, Conditional Access, password policies)
  • Choosing the right authentication method depends on security needs vs. infrastructure complexity
This lesson shows how to combine on-prem control with cloud scalability, creating a secure and flexible identity management system.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy