Summary
In this module, you learned about Azure identity, access, and security services and tools. You covered authentication methods, including which ones are more secure. You learned about restricting access based on a role to help create a more secure environment. You also reviewed encryption concepts and key management options in Azure. And, you learned about the Defense In Depth and Zero Trust models.
Learning objectives
You should now be able to:
- Describe directory services in Azure, including Microsoft Entra ID and Microsoft Entra Domain Services.
- Describe authentication methods in Azure, including single sign-on (SSO), multifactor authentication (MFA), and passwordless.
- Describe external identities and guest access in Azure.
- Describe Microsoft Entra Conditional Access.
- Describe Azure Role Based Access Control (RBAC).
- Describe the concept of Zero Trust.
- Describe the purpose of the defense in depth model.
- Describe encryption concepts and key management options in Azure.
- Describe the purpose of Microsoft Defender for Cloud.
Additional resources
The following resources provide more information on topics in this module or related to this module.
Microsoft Certified: Security, Compliance, and Identity Fundamentals is an entire certification, with associated training, dedicated to helping you better understand and manage Security, Compliance, and identity.
Explore with Copilot
Tip
Try one of these prompts in Copilot Chat:
- "Use one end-to-end scenario to show how SSO, MFA, Conditional Access, and RBAC work together in a Zero Trust design."
- "Explain the difference between Microsoft Entra ID, Microsoft Entra Domain Services, and external identities with practical examples."
- "Simulate a security incident and show how encryption, key management, defense in depth, and Microsoft Defender for Cloud reduce risk."