Gain a comprehensive grasp on the key objectives to pass the MS-100 exam, reinforced with practice questions throughout the book
Purchase of the print or Kindle book includes a free PDF eBook
Key Features
- Plan and implement Azure AD identity, including your choice of authentication strategy and securing access
- Configure core features such as self-service password reset and Azure AD identity protection
- Work with self-assessment questions, exam tips, and practice tests based on the latest exam blueprint
Book Description
This book serves as a comprehensive guide to prepare you for the Microsoft Identity and Services exam, which focuses on the core identity and security aspects of a Microsoft 365 tenant. The exam MS-100 tests your proficiency in Azure AD authentication types, user management roles, access management, and workload applications.
This book follows the published MS-100 blueprint, which covers identity and identity synchronization concepts, administrative roles, and crucial security topics such as self-service password reset, Azure AD password protection, and multifactor authentication. You'll gain insights into application and authentication concepts, including OAuth application request management, enterprise application configuration, the benefits of Azure AD Application Proxy, and deploying Microsoft 365 apps.
The book also delves into passwordless sign-in methods and provides overviews of configuring Exchange Online, Microsoft Teams, SharePoint Online, and OneDrive for Business in both cloud-only and hybrid deployments. You'll be able to assess your knowledge retention at the end of each chapter.
By the end of this MS-100 study guide, you'll have built the knowledge and skills to pass the MS-100 exam and be able to ensure thorough preparation with the help of practice exam questions.
What you will learn
- Build your knowledge to effectively plan a Microsoft 365 tenant
- Examine and monitor health metrics in the Microsoft 365 environment
- Select an authentication model that aligns with both business and security requirements
- Implement App Proxy, enterprise applications, and SAML integration
- Configure Exchange Online and Exchange hybrid scenarios
- Deploy the Microsoft 365 Apps seamlessly in your organization
- Explore the core features of SharePoint Online, OneDrive, and Teams
Who this book is for
Designed for both intermediate and experienced administrators, as well as individuals preparing to take the MS-100 exam, this book caters to those pursuing standalone achievement or aspiring to attain the Microsoft 365 Certified: Enterprise Administrator Expert certification. A foundational understanding of Microsoft 365 services and associated technologies is expected.
Author(s): Aaron Guilmette
Edition: 1
Publisher: Packt Publishing
Year: 2023
Language: English
Pages: 462
Preface
Part 1: Planning and Implementing a Microsoft 365 Tenant
1
Planning and Implementing a Microsoft 365 Tenant
Planning a tenant
Selecting a tenant type
Selecting a managed domain
Creating a tenant
Implementing and managing domains
Acquiring a domain name
Configuring a domain name
Managing DNS records manually
Configuring a default domain
Configuring organizational settings
Services
Organization profile
Summary
Knowledge check
Questions
Answers
2
Monitoring Microsoft 365 Tenant Health
Creating and managing service requests
Creating an incident response plan
Monitoring service health
Monitoring application access
Creating and managing access reviews
Reviewing audit logs
Reviewing the sign-ins report
Sending activity log data to Azure Monitor
Configuring and reviewing reports
Azure AD logs and reports
Azure Monitor and Log Analytics
Reviewing usage metrics
Microsoft 365 usage reports
Viva Insights
Adoption Score
Summary
Knowledge check
Questions
Answers
Part 2: Planning and Managing User Identity and Roles
3
Planning Identity Synchronization
Designing synchronization solutions
Overview of Azure AD Connect
Understanding Azure AD Connect with a single forest and single tenant
Understanding Azure AD Connect with multi-forest scenarios
Understanding Azure AD Connect with multi-tenant scenarios
Identifying object source requirements
Identifying required Azure AD Connect features
Understanding the prerequisites for Azure AD Connect
Azure AD
On-premises Active Directory
SQL Server
Azure AD Connect Server hardware components
Azure AD Connect server software components
AD FS
Accounts and security
Connectivity
Choosing between Azure AD Connect and Azure AD Connect Cloud Sync
Planning user sign-in
Password hash synchronization
Pass-through authentication
Federation
Summary
Knowledge check
Questions
Answers
4
Implementing and Managing Identity Synchronization with Azure AD
Preparing for identity synchronization by using IdFix
Configuring and managing directory synchronization by using Azure AD Connect
Installing the synchronization service
Configuring Azure AD Connect filters
Monitoring synchronization by using Azure AD Connect Health
Azure AD Connect Health
Azure AD Connect Health for sync
Azure AD Connect Health for Directory Services
Azure AD Connect Health for AD FS
Troubleshooting Azure AD Connect synchronization
Configuring and managing directory synchronization by using Azure AD Connect cloud sync
Installing the provisioning agent
Configuring the provisioning service
Customizing the provisioning service
Summary
Knowledge check
Questions
Answers
5
Planning and Managing Azure AD Identities
Creating and managing users
Creating and managing cloud users
Creating and managing synchronized users
Creating and managing guest users
Creating and managing groups
The Microsoft 365 admin center
The Azure AD portal
Managing and monitoring Microsoft 365 license allocations
Performing bulk user management
The Microsoft 365 admin center
The Azure AD portal
PowerShell
Summary
Knowledge check
Questions
Answers
6
Planning and Managing Roles in Microsoft 365
Understanding roles
Planning for role assignments
Managing roles in the Microsoft 365 admin center
Managing administrative units
Creating administrative units
Viewing and updating administrative units
Planning and implementing privileged identity management
Creating a role assignment
Reviewing role assignments
Alerting
Summary
Knowledge check
Questions
Answers
Part 3: Managing Access and Authentication
7
Planning and ImplementingAuthentication
Choosing an authentication mechanism
Windows Hello for Business
Microsoft Authenticator app
FIDO2 security keys
Comparison
Configuring and managing multi-factor authentication
Per-user multi-factor authentication
Security defaults
Conditional Access
Additional multi-factor authentication behavior settings
Implementing and managing authentication methods
Configuring Windows Hello
Configuring Microsoft Authenticator
Configuring FIDO2
Implementing and managing self-service password reset
Configuring self-service password reset
Managing self-service password reset
Implementing and managing Azure AD password protection
Custom smart lockout
Custom banned passwords
Password protection for Windows Server Active Directory
Investigating and resolving authentication issues
Summary
Knowledge check
Questions
Answers
8
Planning and Implementing Secure Access
Overview of Identity Governance
What is the identity life cycle?
What is the access life cycle?
What is the privileged access life cycle?
Planning and implementing Identity Governance
Working with access packages
Working with access reviews
Working with Identity Protection
Working with secure access
Planning Conditional Access policies
Implementing and managing Conditional Access policies
Summary
Knowledge check
Questions
Answers
9
Planning and Implementing Application Access
Planning access and authentication
Configuring application registration
Understanding application registration
Registering a new application
Managing user permissions for application registrations
Managing OAuth application requests
Reviewing Azure AD Enterprise applications
Reviewing the Microsoft 365 Defender portal
Configuring Azure AD Application Proxy
Configuring prerequisites
Deploying Azure App Proxy
Publishing enterprise applications in Azure AD
Configuring a group
Publishing on-premises applications for remote access
Publishing applications from the application gallery
Summary
Knowledge check
Questions
Answers
Part 4: Planning Microsoft 365 Workloads and Applications
10
Planning and Implementing Microsoft 365 Apps Deployment
Planning for client connectivity and device capability
Planning Microsoft 365 Apps compatibility
Planning for Microsoft 365 Apps updates
Implementing Microsoft 365 Apps deployment
Deployment methods
Deploying to endpoints
Summary
Knowledge check
Questions
Answers
11
Planning and Implementing Exchange Online Deployments
Planning for DNS records
MX
Autodiscover
SPF
DKIM
DMARC
Planning and implementing mail routing
Understanding domains
Understanding mail flow rules
Understanding connectors
Planning and implementing organizational settings
Planning and implementing an Exchange hybrid organization
Understanding the prerequisites
Running IdFix
Configuring networking
Running the HCW
Summary
Knowledge check
Questions
Answers
12
Planning and Implementing Microsoft SharePoint Online, OneDrive, and Microsoft Teams
Understanding SharePoint site types, collections, and lists
Planning a migration strategy for SharePoint Online and OneDrive for Business
Inventorying data sources
Selecting migration tools
Planning network requirements
Preparing the environment
Mapping identities
Migrating data
Identifying hybrid requirements for SharePoint Online
SharePoint hybrid features
SharePoint hybrid requirements
Managing access configuration for SharePoint Online and Microsoft Teams
Learning your way around
Managing Teams and SharePoint settings
Planning and implementing organizational settings
Managing SharePoint Online tenant and site settings
Microsoft Teams tenant settings
Planning, implementing, and managing guest and external access
Mapping Phone System features to requirements
Summary
Knowledge check
Questions
Answers
Part 5: Preparation
13
Practice Exam 1
Questions
Answers
14
Practice Exam 2
Questions
Answers
Index
Other Books You May Enjoy
