Identity and Access Management Training

Course 2056
4 DAY COURSE
Price: $2,512.00
Course Outline

This course immerses you in practical, hands-on work with modern Identity and Access Management (IAM), so that you can strengthen your organization’s access to critical resources. You will implement trust by building a Public Key Infrastructure (PKI) hierarchy and an on-premises Federated Single Sign-On (SSO) system with a Microsoft Identity Provider (IdP). You will learn the impact of Artificial Intelligence (AI) on IAM systems and in a Zero Trust context. You will select appropriate authentication environments, such as Workload and Workforce identities, and Open Authorization (OAuth) to secure API access. You will also build an identity attribute mapping and synchronization system with a central SharePoint management solution. You will discover how Kubernetes implements IAM and federates to external APIs.

Identity and Access Management Training Benefits

  • In this course, you will:

    • Implement modern Identity and Access Management (IAM) solutions to secure access to data
    • Build a robust Public Key Infrastructure (PKI) to manage enterprise trust
    • Seamlessly implement Federated Identity Management (FIM) with ADFS
    • Extend Single Sign-On (SSO) with Zero Trust Architecture (ZTA)
    • Enhance Agentic AI and non-human actor authentication with certificates
    • Map the entity divide of Workload Identity vs Workforce Identity
    • Manage identities among multiple account stores with MIM 2016
    • Apply a managed identity to Bring Your Own Device (BYOD)
    • Formulate an IAM policy
  • Prerequisites

    • Familiarity with security issues at the level of Course 468, Introduction to Cybersecurity
    • Experience with Windows operating system

Identity Access Management Course Outline

Fundamentals of Identity and Access Management

Identity and its theft

  • Protecting Access to Data with Quad of IAM
  • Multi-Factor Authentication (MFA) attacks
  • Secure alternatives to “Death of the Password”

Secure Identity Lifecycle Management

  • Migrating to Trusted Platform Module (TPM) hardware
  • "Joiner-Mover-Leaver" (JML) process

Implementing Single Sign-On (SSO)

  • Applying Kerberos identities in a domain
  • Interoperating via OIDC and SAML

Selecting Identity Trust Models

  • Centralized vs Federated
  • Zero Trust Architecture (ZTA)

Surveying the impact of Agentic AI on IAM

  • AI agent as a first-class identity and ephemeral credentials
  • Token Exchange delegation chain

Mapping and Synchronizing Identities

Discovering identity stores

  • Exploring identities in Kerberos tickets and AD attributes
  • Identifying identities in SQL databases

Demystifying MIM 2016

  • Importing identities from Connected Data Source (CDS) into Connector Space (CS)
  • Synchronizing identities into Metaverse (MV)
  • Managing identities and rules with the SharePoint MIM Portal

Implementing Identities in an Enterprise PKI

Inside PKI X.509 v3 certificates

  • Expiring identities with certificate lifetimes
  • Verifying identities with Subject Alternative Name
  • Binding identities to certificates

Establishing trust via certificates

  • Validating trust with digital signatures
  • Creating entity trust by importing a root CA
  • Flowing trust with domain Group Policy Object (GPO)

Building an enterprise Subordinate CA

  • Publishing Certificate Revocation Lists (CRLs)
  • Accessing directories with LDAP
  • Configuring Online Certificate Status Protocol (OCSP)

Expanding Trust with Federated Identity Management

Federating with Microsoft Active Directory Federation Services (ADFS)

  • Authenticating with a trusted Identity Provider (IdP)
  • Controlling access with claims
  • Verifying SAML tokens with Relying Party (RP)

Creating claims-aware applications

  • Building claims-aware applications with Windows Identity Foundation (WIF)
  • Abstracting SAML, WS-Trust and WS-Federation protocols
  • Migrating to OpenID Connect (OIDC) and JSON Web Tokens (JWT)

Trusting external Identity Providers

  • Extending ADFS externally with Web Application Proxy (WAP)
  • Mapping external ADFS namespaces with split DNS

Modern Identity Architectures

Evolving Application Authentication

  • Customer Identity and Access Management (CIAM)
  • Decentralized authentication with Self-Sovereign Identity (SSI)
  • Zero Trust with Google Cloud Identity-Aware Proxy (IAP)

Workforce Identity vs Workload Identity

  • External long-term keyed authentication vs short-lived OAuth token
  • Cloud workforce federation with Bring Your Own Identity (BYOID)
  • Kubernetes IAM mapping tokens with Workload Identity

Mobile Identity Management with BYOD

Enrolling mobile devices

  • Joining devices with Workplace Join
  • Enacting Device Registration Services (DRS)

Planning a Federated Identity Roadmap

  • Achieving the FICAM IdM vision
  • Creating organizational identity management policy