This identity and access management course will teach you to strengthen your organization’s security and simplify access to critical resources by implementing the appropriate Identity Management (IdM) and Identity Access Management (IAM) strategies. You will learn how to implement Single Sign-On (SSO) via a solid foundation based on industry-standard Public Key Infrastructure (PKI) and Federated Identity Management (FIM).

  • Familiarity with security issues at the level of:
    • Course 468, Information Security Training
    • Experience with Windows operating system

 

Identity and Access Management Training Delivery Methods

  • After-course instructor coaching benefit
  • Learning Tree end-of-course exam included

Identity and Access Management Training Course Benefits

Implement identity/access management to control access to IT resourcesBuild a Public Key Infrastructure (PKI) to manage trust between Identity Providers (IdPs) and Relying Parties (RPs)Streamline identity authentication for applications with claimsSeamlessly authenticate to the cloud with Federated Identity Management (FIM)Synchronize identities among disparate authentication stores with Microsoft Identity Manager (MIM) 2016

Identity Access Management Course Outline

Managing Identities in a Digital World

Identity and its theft

  • Eliminating vulnerabilities in identification and authentication processes
  • Compromising multiple identities
  • Exploiting Object ID OID identities

Ensuring strong authentication

  • Enforcing authentication with biometrics
  • Requiring multifactor authentication with smart cards
  • Migrating to virtual smart cards and Trusted Platform Module TPM

Implementing Single Sign-On (SSO)

  • Interoperating via open industry standards, federated logon and claims
  • Applying Kerberos identities in a domain

Surveying IdM solutions

  • Making identities portable with Secure Tokens
  • On-premises and cloud-based identity management

Synchronizing Identities

Discovering identity stores

  • Exploring identities in Kerberos tickets and AD attributes
  • Identifying identities in SQL databases

Demystifying MIM 2016

  • Importing identities from Connected Data Source CDS into Connector Space CS
  • Synchronizing identities into Metaverse MV
  • Managing identities and rules with the SharePoint MIM Portal

Implementing Identities in a PKI

Inside PKI X.509 v3 certificates

  • Expiring identities with certificate lifetimes
  • Verifying identities with Subject Alternative Name
  • Binding identities to certificates

Establishing trust via certificates

  • Validating trust with digital signatures
  • Creating entity trust by importing a root CA
  • Distributing trust to subordinate CAs
  • Flowing trust with domain Group Policy Object GPO

Building an enterprise trust hierarchy

  • Publishing Certificate Revocation Lists (CRLs)
  • Increasing security with an offline root CA
  • Accessing directories with LDAP
  • Configuring Online Certificate Status Protocol OCSP

Trusting an external identity provider

  • Forming a certificate chain
  • Locating the CA Trust Anchor

Expanding Trust with Federated Identity Management

Federated management with Microsoft AD FS 3.0

  • Authenticating with a trusted Identity Provider IdP
  • Controlling access with claims
  • Verifying SAML tokens with Relaying Party RP
  • Striving for universally interoperable and portable identity

Creating claims-aware applications

  • Building claims-aware applications with Windows Identity Foundation WIF
  • Abstracting SAML, WS-Trust and WS-Federation protocols

Trusting external Identity Providers

  • Extending ADFS externally with Web Application Proxy WAP
  • Mapping external ADFS namespaces with DNS

Delivering Identities to the Cloud

Windows Azure federation

  • Extending on-premises Active Directory (AD) to Azure AD
  • Implementing SSO in Azure for Office 365 and SaaS applications

Amazon AWS federation

  • Authenticating with Amazon IAM roles
  • Microsoft federated log-in to Amazon services using SAML tokens

Mobile Identity Management with BYOD

Enrolling mobile devices

  • Joining devices with Workplace Join
  • Enacting Device Registration Services DRS

Planning a Federated Identity Roadmap

  • Achieving the FICAM IdM vision
  • Creating organizational identity management policy