Identity and Access Management Training

Identity Access Management Course Outline

• Managing Identities in a Digital World

  Identity and its theft

  • Eliminating vulnerabilities in identification and authentication processes
  • Compromising multiple identities
  • Exploiting Object ID OID identities

  Ensuring strong authentication

  • Enforcing authentication with biometrics
  • Requiring multifactor authentication with smart cards
  • Migrating to virtual smart cards and Trusted Platform Module TPM

  Implementing Single Sign-On (SSO)

  • Interoperating via open industry standards, federated logon and claims
  • Applying Kerberos identities in a domain

  Surveying IdM solutions

  • Making identities portable with Secure Tokens
  • On-premises and cloud-based identity management

• Synchronizing Identities

  Discovering identity stores

  • Exploring identities in Kerberos tickets and AD attributes
  • Identifying identities in SQL databases

  Demystifying MIM 2016

  • Importing identities from Connected Data Source CDS into Connector Space CS
  • Synchronizing identities into Metaverse MV
  • Managing identities and rules with the SharePoint MIM Portal

• Implementing Identities in a PKI

  Inside PKI X.509 v3 certificates

  • Expiring identities with certificate lifetimes
  • Verifying identities with Subject Alternative Name
  • Binding identities to certificates

  Establishing trust via certificates

  • Validating trust with digital signatures
  • Creating entity trust by importing a root CA
  • Distributing trust to subordinate CAs
  • Flowing trust with domain Group Policy Object GPO

  Building an enterprise trust hierarchy

  • Publishing Certificate Revocation Lists (CRLs)
  • Increasing security with an offline root CA
  • Accessing directories with LDAP
  • Configuring Online Certificate Status Protocol OCSP

  Trusting an external identity provider

  • Forming a certificate chain
  • Locating the CA Trust Anchor

• Expanding Trust with Federated Identity Management

  Federated management with Microsoft AD FS 3.0

  • Authenticating with a trusted Identity Provider IdP
  • Controlling access with claims
  • Verifying SAML tokens with Relaying Party RP
  • Striving for universally interoperable and portable identity

  Creating claims-aware applications

  • Building claims-aware applications with Windows Identity Foundation WIF
  • Abstracting SAML, WS-Trust and WS-Federation protocols

  Trusting external Identity Providers

  • Extending ADFS externally with Web Application Proxy WAP
  • Mapping external ADFS namespaces with DNS

• Delivering Identities to the Cloud

  Windows Azure federation

  • Extending on-premises Active Directory (AD) to Azure AD
  • Implementing SSO in Azure for Office 365 and SaaS applications

  Amazon AWS federation

  • Authenticating with Amazon IAM roles
  • Microsoft federated log-in to Amazon services using SAML tokens

• Mobile Identity Management with BYOD

  Enrolling mobile devices

  • Joining devices with Workplace Join
  • Enacting Device Registration Services DRS

  Planning a Federated Identity Roadmap

  • Achieving the FICAM IdM vision
  • Creating organizational identity management policy