4729 Courses in Cardiff delivered Live Online

Advanced HP switches training course description A hands on course covering advanced features of HP switches. The focus of the course is on Layer 3 switching advanced features. Delegates will benefit the most from this course if they can supply us with their own configurations before the course. These configurations can then be used by the trainer in the course. What will you learn Configure and troubleshoot HP layer 3 switching. Configure and troubleshoot OSPF Harden HP switches. Explain the majority of their own configurations (if configurations are supplied to us before the course). Advanced HP switches training course details Who will benefit: Technical staff working with HP switches. Prerequisites: HP switches for engineers. Duration 2 days Advanced HP switches training course content Introduction VLAN review. Tagged and untagged ports. MSTP, PVST, UDLD, BPDU guard. Hands on VLANs, diagnostic tools debug, LLDP, remote port mirroring. L3 switching What are L3 switches? L3 lite, IPv4 and IPv6, routing protocols, routing tables. IP address on VLAN, no ip address on VLAN, connected interfaces, RIP. Hands on Routing between VLANs. Configuring and troubleshooting RIP. VRRP Default gateways, dead router detection, resilience. Hands on Configuring and troubleshooting VRRP. Static routes Why use static routes? Configuring static routes, default routes. OSPF Link state protocols, operation. Router types, LSA types, area 0. Hands on Configuring and troubleshooting OSPF. QoS Layer 2 QoS, 802.1Q, priorities, dscp mapping, rate limiting. Access lists Filtering traffic through the switch, controlling access to the switch, enabling and disabling ACLs, standard ACLs, extended ACLs Security DHCP snooping, ARP protection, STP guards, switch hardening. Summary Walkthrough of delegate configurations.

HSPA and HSPA+ training course description HSDPA (High Speed Downlink Packet Access) and HSUPA (High Speed Uplink Packet Access) provide speeds of upto 14Mbps downlink and 5Mbps uplink. This theory-based course provides an overview of the 3GPP R5 and R6 HSDPA/HSUPA standards and the technologies which are involved. The HSPA+ R7 enhancements are also covered. What will you learn Explain the relationship between HSPA and UMTS. Describe the benefits of HSPA/HSPA+ Explain the HSPA/HSPA+ technical enhancements. Explain packet flows in HSPA/HSPA+. Recognise the migration issues involved with HSPA/HSPA+ HSPA and HSPA+ training course details Who will benefit: Anyone working with HSPA. Prerequisites: Essential UMTS Duration 2 days HSPA and HSPA+ training course contents UMTS review UMTS architecture, components, interfaces, protocols, W-CDMA, standards, 3GPPr5, 3GPPr6, evolution to HSDPA and HSPA. HSPA basics What is HSDPA, what is HSUPA, key features, system capacities, data rates, delays. Key concepts: Adaptive modulation and coding (AMC), QPSK, 16QAM, HARQ, MAC-hs, multiplexing, subframes. HSPA channels Logical, transport, physical channels, dedicated vs. shared channels, HS-PDSCH, HS-SCCH, HS-DPCCH, code multiplexing, E-DCH, Enhanced DPCCH. MAC-architecture Controlling HS-DSCH, flow control, buffering, priority queues, packet scheduling, fast packet scheduling, Selecting modulation and coding. HARQ: Packet retransmissions, Incremental redundancy, comparison with ARQ, TFRC. MAC-d, MAC-c/sh, MAC-hs, MAC-es, MAC-e. HSPA migration HSDPA in the Radio Access Network (RAN), reuse of existing UMTS components, changes required, Impact on Iub/Iur interfaces, new and modified NBAP procedures, backwards compatibility. Packet flows Packet data session setup, simultaneous voice and data, QoS, TCP flow control, WCDMA packet scheduler, mobility procedures. HSPA phase 2 (3GPP r6) What is evolved HSPA? Speeds. Multiple Input Multiple Output (MIMO). Optional all IP architecture. R8 and LTE.

Data centre infrastructure course description This course provides a foundation in data centre infrastructure technologies. It begins with a tour of virtualisation and the impact of this on the network before moving on to the spine and leaf design, how it works and how to scale. Layer 2 technologies enabling this architecture are studied in terms of the impact on the data centre. The course then progresses onto how Layer 3 technologies such as BGP, EVPN and VXLAN are used in data centre networks. The course then studies interconnecting data centres finishing with a section on automation and orchestration of both underlay and overlay networks. What will you learn Explain the spine and leaf architecture Recognise the impact of virtualisation, containers and orchestration on the network Describe how the following technologies are used in data centres: Multi port aggregation Overlay networks MBGP, VRFs, EVPN VXLAN COOP Data centre infrastructure course details Who will benefit: Staff involved with Data centres. Prerequisites: Network fundamentals for engineers Duration 2 days Data centre infrastructure course contents What is Ethernet? Data centres versus enterprise networks. Servers, Blades, Racks, Clusters, Storage, Virtual Machines, Hosts, guests, containers, orchestration. Virtual switches. Distributed switches. Live migrations (e.g. vMotion). IP addressing and VM traffic. Data centre network architecture Spine leaf design. North south traffic, East West traffic, Scaling: Ports, bandwidth. N+1 redundancy, ratio East West optimisation, oversubscription. 2 tier versus 3 tier Leaf/Spine. Pods. Underlay, Overlay L2 technologies STP vs link aggregation vs multi link aggregation. LACP, LLDP, CDP. Scalability. VLANs and VLAN pruning. L2 design recommendations. Disabling STP on edge ports. L3 technologies Underlay, Overlay, VXLAN, VTEP, VXLAN overlay forwarding, EVPN, IS-IS, COOP, MP BGP, VRFs, EBGP, IBGP, AS numbers, route reflectors. Anycast gateways. MTU considerations-for data and control planes. BUM traffic. Data centre interconnects Pods, fabrics, multi pods, multi fabric, multi site. VXLAN with BGP/EVPN Data center interconnect. Cloud integration, Inter Site Networks. Automation Automation and orchestration, Zero touch provisioning, Devops, Netops, telemetry automated configuration for underlay and overlay, SDN.

3G training course description This course is designed to give the delegate an understanding of the technologies used within a 3G UMTS mobile network. During the course we will investigate the UMTS air interface and the use of Wideband-Code Division Multiple Access (WCDMA) to facilitate high speed data access, together with HSPA to offer mobile broadband services. We will describe the use of soft handover rather than hard handover procedures and soft capacity sharing. The course includes a brief exploration of the UMTS protocol stack and the use of PDP Context and QoS support features. What will you learn Explain the 3G UMTS architecture. Describe the role of a Drifting & Serving RNC. Explain the use of ARQ & HARQ for mobile broadband. Describe how IMS integrates into the architecture. Describe the use of Media Gateway Controllers. Identify the temporary identities used within 3G UMTS. 3G training course details Who will benefit: Anyone working within the telecommunications area, especially within the mobile environment. Prerequisites: Mobile communications demystified Telecommunications Introduction Duration 2 days 3G training course contents D3GPP specifications 3GPP standards body, Evolution path, Frequency and bandwidth, Conceptual model, UMTS general architecture, UTRAN architecture & radio access bearer. CDMA principles CDMA principle, Code characteristics, Code requirements. CDMA requirements Synchronization, Power control, Soft handover, Rake receiver, Antenna consideration, Multi-user detection. Radio interface protocol architecture Access stratum & non-access stratum, Overall protocol structure, Logical and transport channels, Physical channels, Protocol termination. Layer 2 Protocols Medium Access Control (MAC) Protocol, Radio Link Control (RLC) Protocol, Packet Data Convergence Protocol (PDCP) protocol, Radio Interface for Broadcast/Multicast Services. Radio Resource Control (RRC) Protocol RRC Architecture, RRC Protocol State, Broadcast of information, RRC connection management, Radio bearer management, RRC connection mobility functions, Power control, Ciphering and Integrity. Mobile procedures Mobility management states and transitions, UMTS identities, Procedures in Idle mode (location updates, cell selection/ re-selection), Circuit-switched call set-up, Packet-switched context activation and context preservation, Data transfer initialization, Soft-handover procedure. Introduction to HSPA The need for high speed data, Fast HARQ, Improved scheduling, Additional channels, Soft combining, HS-DSCH codes, Uplink HSPA vs downlink HSPA, Full HSPA, Use of MIMO, Enhanced CELL_FACH.

ZigBee training course description A hands on course covering the entire ZigBee protocol stack. ZigBee operation, primitives and frame formats are covered in detail using software tools to test and analyse ZigBee commands and demonstrate how these affect the 802.15.4 MAC. Analysers are used to decode packet formats. What will you learn Describe the ZigBee architecture and applications. Explain the workings of ZigBee protocol stack including the 802.15.4, NWK, APS and ZDO sub layers. Describe in detail the ZigBee primitives and how they are used to pass data; make networks; join networks and repair networks. Secure ZigBee networks. ZigBee training course details Who will benefit: Technical staff requiring grounding in ZigBee including application engineers. Prerequisites: RF fundamentals. Duration 2 days ZigBee training course contents Wireless data overview What is 802.15.4 and ZigBee? WLAN, WPAN, Bluetooth vs. ZigBee. Markets. Applications and architecture. ZigBee demonstration. ZigBee Standards and technology The 7-layer model, IEEE WPAN standards overview, 802.15.4 & ZigBee, ZigBee alliance. ZigBee Protocol stack The ZigBee 5 layer model, The network (NWK) sub layer, Application support sub layer (APS), the ZigBee Device Object (ZDO). 802.15.4 Radio Frequencies, modulation, power, DSSS, BPSK/ O-QPSK, channels, symbols, chips and bit rate. 802.15.4 PHY PHY data transfer primitives. The PHY packet. PHY PIB management. 802.15.4 MAC layer The MAC layer overview, CSMA/CA, addresses, frame types, super frames, MAC layer: Data, Data control, Scan and join, PAN maintenance, MAC PIB. Hands on 802.15.4 frame analysis. ZigBee Topologies Point to point topology, star topology, cluster tree, wired integration. Hands on Building a ZigBee network. ZigBee frame formats General frame format, data frames, command frames. Hands on Analysing ZigBee frames. ZigBee NWK NWK data primitives: Request. Confirm. Indication. NWK management primitives: Network discovery, network formation. Permit joining. Start router. Join. Direct join. Leave. Reset. Sync. NWK database management. Hands on NWK analysis ZigBee APS Address mapping, matching devices, binding devices, binding tables. Hands on APS analysis. ZigBee ZDO Device roles, binding requests, initiating and responding, device discovery, service discovery, network management. ZDO Endpoint 0. ZigBee Security Security issues, security modes, MAC security, NWK security, APS security. Applications Writing ZigBee applications, application profiles, End points, Endpoint addressing, clusters of attributes, broadcasts. Hands on Sample ZigBee application.

LTE Backhaul training course description This course provides a concise insight into the LTE backhaul. Key parts of the course are detailed looks at the transport of messages and the S1 and X2 protocols. What will you learn Describe the overall architecture of LTE. Explain how data and signalling messages are transported in LTE. Describe the S1 protocol. Describe the X2 protocol. LTE Backhaul training course details Who will benefit: Anyone working with LTE. Prerequisites: Mobile communications demystified Duration 2 days LTE Backhaul training course contents Introduction In the first section of the course, we review LTE and its hardware and software architecture. Requirements and key features of LTE. LTE Architecture and capabilities of the UE. Architecture of the E-UTRAN, functions of the eNB. EPC architecture, and functions of the MME, SGW, PGW and PCRF. System interfaces and protocol stacks. Example information flows. Dedicated and default bearers. EMM, ECM and RRC state diagrams. Architecture of the radio access network In this section, we look in more detail at the architecture of the evolved UMTS terrestrial radio access network (E-UTRAN). Logical and physical architecture of the E-UTRAN. Numbering, addressing and identification. E-UTRAN functions. E-UTRAN protocol stacks. Timing and frequency synchronisation in LTE. Transport of data and signalling in LTE Here, we look in more detail at the techniques and protocols that are used to transport data and signalling messages across the evolved UMTS terrestrial radio access network and the evolved packet core. Quality of service in LTE. The GPRS tunnelling protocol. Differentiated services Multi-protocol label switching (MPLS). The stream control transmission protocol (SCTP). The S1 application protocol This section gives a detailed account of the signalling procedures in the S1 application protocol, which the MME uses to control the operation of the eNB. The material looks at the procedures, messages and information elements, and relates them to the system-level procedures in which they are used. S1 setup procedure. UE context management procedures. Non access stratum information transport. Procedures for managing the evolved radio access bearer (E-RAB). Paging procedures. Mobility management procedures for S1-based handovers. Procedures in support of self-optimising networks. The X2 application protocol This section gives a detailed account of the signalling procedures in the X2 application protocol, which is used for peer-to-peer communication between eNBs. The material looks at the procedures, messages and information elements, and relates them to the system-level procedures in which they are used. X2 setup procedure. Mobility management procedures for X2-based handovers Procedures in support of self-optimising networks. High level system operation In the final section, we bring our discussions of the S1 and X2 application protocols together by reviewing the system-level operation of LTE. Attach procedure. Transitions between the states of RRC Idle and RRC Connected. Tracking area updates in RRC Idle. Handover procedures in RRC Connected.

LTE Airside training course description This course provides a concise insight into the LTE airside. Key parts of the course are detailed looks at the air interface protocol stack, cell acquisition, transmission and reception of data and of he layer 1 procedures along with layer 2 procedures. What will you learn Explain the RF optimisation flowchart. Describe the importance of Reference Signal Received Power (RSRP). List many of the 3GPP recommended KPIs. Describe the concept of APN AMBR and UE AMBR within LTE. Describe the use of planning and optimisation computer tools. LTE Airside training course details Who will benefit: Anyone working with LTE. Prerequisites: Essential LTE Duration 2 days LTE Airside training course contents Introduction and review of LTE This section describes the requirements of LTE and key technical features, and reviews the system architecture. LTE Architecture, UE, E-UTRAN and EPC. Specifications. OFDMA, SC-FDMA and MIMO antennas This section describes the techniques used in the LTE air interface, notably orthogonal frequency division multiple access (OFDMA) and multiple input multiple output (MIMO) antennas. Communication techniques for fading multipath channels. OFDMA, FFT processing and cyclic prefix insertion. SC-FDMA in the LTE uplink. Multiple antenna techniques including transmit & receive diversity and spatial multiplexing. Introduction to the air interface This section covers the operation of the air interface, the channels that it uses, and the mapping to the time and frequency domains of OFDMA and SC-FDMA. Air interface protocol stack. Logical, transport and physical channels. Frame and slot structure, the resource grid. Resource element mapping of the physical channels and physical signals. LTE spectrum allocation. Cell acquisition This is the first of three sections covering the air interface physical layer. Here, we cover mobile procedures to start low-level communications with the cell, and base station transmission of the corresponding information. Primary/secondary synchronisation signals. Downlink reference signals. The master information block. Physical control format indicator channel. Organisation and transmission of the system information. Data transmission and reception In this section, we cover procedures used for data transmission and reception on the shared channels, and describe in detail the individual steps. Data transmission and reception on the uplink and downlink. Scheduling commands and grants on the PDCCH. DL-SCH and UL-SCH. Physical channel processing of the PDSCH and PUSCH. Hybrid ARQ indicators on the PHICH. Uplink control information on the PUCCH. Uplink demodulation and sounding reference signals. Additional physical layer procedure This section concludes our discussion of the air interface physical layer, by discussing a number of procedures that support its operation. Transmission of the physical random access channel. Contention and non-contention based random access procedures. Discontinuous transmission in idle and connected modes. Uplink power control and timing advance. Air interface layer 2 This section describes the architecture and operation of layer 2 of the air interface protocol stack. MAC protocol, interactions with the physical layer, use for scheduling. RLC protocol, transparent, unacknowledged and acknowledged modes. PDCP, including header compression, security functions and recovery from handover.

Duration 4 Days 24 CPD hours This course is intended for This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data. This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization?s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations. Prerequisites AZ-104T00 - Microsoft Azure Administrator Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model. Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods. Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information. Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI. 1 - Manage identities in Microsoft Entra ID Secure users in Microsoft Entra ID Secure groups in Microsoft Entra ID Recommend when to use external identities Secure external identities Implement Microsoft Entra Identity protection 2 - Manage authentication by using Microsoft Entra ID Configure Microsoft Entra Verified ID Implement multifactor authentication (MFA) Implement passwordless authentication Implement password protection Implement single sign-on (SSO) Integrate single sign-on (SSO) and identity providers Recommend and enforce modern authentication protocols 3 - Manage authorization by using Microsoft Entra ID Configure Azure role permissions for management groups, subscriptions, resource groups, and resources Assign built-in roles in Microsoft Entra ID Assign built-in roles in Azure Create and assign a custom role in Microsoft Entra ID Implement and manage Microsoft Entra Permissions Management Configure Microsoft Entra Privileged Identity Management Configure role management and access reviews by using Microsoft Entra Identity Governance Implement Conditional Access policies 4 - Manage application access in Microsoft Entra ID Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants Manage app registrations in Microsoft Entra ID Configure app registration permission scopes Manage app registration permission consent Manage and use service principals Manage managed identities for Azure resources Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication 5 - Plan and implement security for virtual networks Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs) Plan and implement User-Defined Routes (UDRs) Plan and implement Virtual Network peering or gateway Plan and implement Virtual Wide Area Network, including secured virtual hub Secure VPN connectivity, including point-to-site and site-to-site Implement encryption over ExpressRoute Configure firewall settings on PaaS resources Monitor network security by using Network Watcher, including NSG flow logging 6 - Plan and implement security for private access to Azure resources Plan and implement virtual network Service Endpoints Plan and implement Private Endpoints Plan and implement Private Link services Plan and implement network integration for Azure App Service and Azure Functions Plan and implement network security configurations for an App Service Environment (ASE) Plan and implement network security configurations for an Azure SQL Managed Instance 7 - Plan and implement security for public access to Azure resources Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies Plan and implement an Azure Application Gateway Plan and implement an Azure Front Door, including Content Delivery Network (CDN) Plan and implement a Web Application Firewall (WAF) Recommend when to use Azure DDoS Protection Standard 8 - Plan and implement advanced security for compute Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access Configure network isolation for Azure Kubernetes Service (AKS) Secure and monitor AKS Configure authentication for AKS Configure security for Azure Container Instances (ACIs) Configure security for Azure Container Apps (ACAs) Manage access to Azure Container Registry (ACR) Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption Recommend security configurations for Azure API Management 9 - Plan and implement security for storage Configure access control for storage accounts Manage life cycle for storage account access keys Select and configure an appropriate method for access to Azure Files Select and configure an appropriate method for access to Azure Blob Storage Select and configure an appropriate method for access to Azure Tables Select and configure an appropriate method for access to Azure Queues Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage Configure Bring your own key (BYOK) Enable double encryption at the Azure Storage infrastructure level 10 - Plan and implement security for Azure SQL Database and Azure SQL Managed Instance Enable database authentication by using Microsoft Entra ID Enable and monitor database audit Identify use cases for the Microsoft Purview governance portal Implement data classification of sensitive information by using the Microsoft Purview governance portal Plan and implement dynamic mask Implement transparent data encryption? Recommend when to use Azure SQL Database Always Encrypted 11 - Plan, implement, and manage governance for security Create, assign, and interpret security policies and initiatives in Azure Policy Configure security settings by using Azure Blueprint Deploy secure infrastructures by using a landing zone Create and configure an Azure Key Vault Recommend when to use a dedicated Hardware Security Module (HSM) Configure access to Key Vault, including vault access policies and Azure Role Based Access Control Manage certificates, secrets, and keys Configure key rotation Configure backup and recovery of certificates, secrets, and keys 12 - Manage security posture by using Microsoft Defender for Cloud Implement Microsoft Defender for Cloud Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory Assess compliance against security frameworks and Microsoft Defender for Cloud Add industry and regulatory standards to Microsoft Defender for Cloud Add custom initiatives to Microsoft Defender for Cloud Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud Identify and monitor external assets by using Microsoft Defender External Attack Surface Management 13 - Configure and manage threat protection by using Microsoft Defender for Cloud Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS Configure Microsoft Defender for Servers Configure Microsoft Defender for Azure SQL Database Manage and respond to security alerts in Microsoft Defender for Cloud Configure workflow automation by using Microsoft Defender for Cloud Evaluate vulnerability scans from Microsoft Defender for Server 14 - Configure and manage security monitoring and automation solutions Monitor security events by using Azure Monitor Configure data connectors in Microsoft Sentinel Create and customize analytics rules in Microsoft Sentinel Configure automation in Microsoft Sentinel Additional course details: Nexus Humans AZ-500T00 Microsoft Azure Security Technologies training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AZ-500T00 Microsoft Azure Security Technologies course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Senior Consultants (both functional and technical) that aspire to be Solution Architects, or current Solution Architects that are new to the role. The Solution Architect is responsible for the successful design, implementation, deployment and adoption of an overall solution. The Solution Architect ensures that the solution meets the customer?s needs now and in the future. In this course, students will learn about decisions a Solution Architect makes during an implementation, covering security, integrations, Power Apps architecture, Power Automate architecture, and more. This course is designed to give you an introduction to the Solution Architect role. Becoming a Solution Architect/Getting to know your customer Define a Solution Architect Role of a Solution Architect on projects Project Methodology Getting to know your customer Group exercise - Getting to know your customer Conceptualizing the design from requirements How to lead the requirement collection effort Using fit gap analysis Pillars of good architecture Blueprinting the solution architecture Group exercise - Design from requirements Project governance and working as a team Solution Architect's role in project governance Techniques for keeping a project on track Scenarios that could cause a project to fail Group exercise - Project governance and working as a team Power Platform Architecture Key Power Platform architecture components Understand how platform design and limits influence solution architectures Updates and feature releases Understand how to communicate how the platform meets customer needs Data Modeling Data model influences Data model strategy Data types Data relationships Group exercise - Data modeling Analytics and artificial intelligence Planning and evaluating requirements Operational reporting Power BI Enterprise BI Pre-built insights and custom AI Power Apps Architecture Discuss options for apps and how to choose where to start Discuss app composition options Using components as part of your app architecture Considerations for including Portals as an app in your architecture Group exercise - Power Apps Architecture topics Application Lifecycle Management (ALM) Microsoft vision and Solution Architect's role in ALM Environment strategies Defning a solution structure for your deliverable Power Automate Architecture Discuss options for automation and custom logic Review considerations for using triggers and common actions Explore using Business Process Flows (BPF) to guide users through business processes Group Exercise - Evaluate scenarios for Power Automate usage Security Modeling Solution Architect's role in security modeling Discovery and learning your client's environment Controlling access to environments and resources Controlling access to CDS Data Group Exercise - Security Modeling Integration Solution Architects role in Integrations What is an integration and why do we need it Platform features that enable integration CDS Event Publishing Scenarios for group discussion Dynamics 365 Applications Architecture Solution Architect's role when deploying Dynamics 365 apps Architecture Considerations for primary apps Group Exercise - App specific working groups evaluate requirements Power Virtual Agents architecture Introduction Chatbot options Chatbot concepts Best practices Integrate chatbots Power Virtual Agents in Microsoft Teams Robotic Process Automation Introduction Power Automate Desktop Recording and editing tasks Running desktop flows Process advisor Testing and Go Live Solution Architect's role with testing and go live Planning for testing Planning for go live

Duration 4 Days 24 CPD hours This course is intended for This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization. The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization?s identity and access management systems by using Microsoft Entra ID. Learn to manage tasks such as providing secure authentication and authorization access to enterprise applications. You will also learn to provide seamless experiences and self-service management capabilities for all users. Finally, learn to create adaptive access and governance of your identity and access management solutions ensuring you can troubleshoot, monitor, and report on your environment. The Identity and Access Administrator may be a single individual or a member of a larger team. Learn how this role collaborates with many other roles in the organization to drive strategic identity projects. The end goal is to provide you knowledge to modernize identity solutions, to implement hybrid identity solutions, and to implement identity governance. Prerequisites SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals AZ-104T00 - Microsoft Azure Administrator 1 - Explore identity in Microsoft Entra ID Explain the identity landscape Explore zero trust with identity Discuss identity as a control plane Explore why we have identity Define identity administration Contrast decentralized identity with central identity systems Discuss identity management solutions Explain Microsoft Entra Business to Business Compare Microsoft identity providers Define identity licensing Explore authentication Discuss authorization Explain auditing in identity 2 - Implement initial configuration of Microsoft Entra ID Configure company brand Configure and manage Microsoft Entra roles Configure delegation by using administrative units Analyze Microsoft Entra role permissions Configure and manage custom domains Configure tenant-wide setting 3 - Create, configure, and manage identities Create, configure, and manage users Create, configure, and manage groups Configure and manage device registration Manage licenses Create custom security attributes Explore automatic user creation 4 - Implement and manage external identities Describe guest access and Business to Business accounts Manage external collaboration Invite external users - individually and in bulk Demo - manage guest users in Microsoft Entra ID Manage external user accounts in Microsoft Entra ID Manage external users in Microsoft 365 workloads Implement and manage Microsoft Entra Verified ID Configure identity providers Implement cross-tenant access controls 5 - Implement and manage hybrid identity Plan, design, and implement Microsoft Entra Connect Implement manage password hash synchronization (PHS) Implement manage pass-through authentication (PTA) Demo - Manage pass-through authentication and seamless single sign-on (SSO) Implement and manage federation Trouble-shoot synchronization errors Implement Microsoft Entra Connect Health Manage Microsoft Entra Health 6 - Secure Microsoft Entra users with multifactor authentication What is Microsoft Entra multifactor authentication? Plan your multifactor authentication deployment Configure multi-factor authentication methods 7 - Manage user authentication Administer FIDO2 and passwordless authentication methods Explore Authenticator app and OATH tokens Implement an authentication solution based on Windows Hello for Business Deploy and manage password protection Configure smart lockout thresholds Implement Kerberos and certificate-based authentication in Microsoft Entra ID Configure Microsoft Entra user authentication for virtual machines 8 - Plan, implement, and administer Conditional Access Plan security defaults Plan Conditional Access policies Implement Conditional Access policy controls and assignments Test and troubleshoot Conditional Access policies Implement application controls Implement session management Implement continuous access evaluation 9 - Manage Microsoft Entra Identity Protection Review identity protection basics Implement and manage user risk policy Monitor, investigate, and remediate elevated risky users Implement security for workload identities Explore Microsoft Defender for Identity 10 - Implement access management for Azure resources Assign Azure roles Configure custom Azure roles Create and configure managed identities Access Azure resources with managed identities Analyze Azure role permissions Configure Azure Key Vault RBAC policies Retrieve objects from Azure Key Vault Explore Microsoft Entra Permissions Management 11 - Plan and design the integration of enterprise apps for SSO Discover apps by using Microsoft Defender for Cloud Apps and Active Directory Federation Services app report Configure connectors to apps Design and implement app management roles Configure preintegrated gallery SaaS apps Implement and manage policies for OAuth apps 12 - Implement and monitor the integration of enterprise apps for SSO Implement token customizations Implement and configure consent settings Integrate on-premises apps with Microsoft Entra application proxy Integrate custom SaaS apps for single sign-on Implement application-based user provisioning Monitor and audit access to Microsoft Entra integrated enterprise applications Create and manage application collections 13 - Implement app registration Plan your line of business application registration strategy Implement application registration Register an application Configure permission for an application Grant tenant-wide admin consent to applications Implement application authorization Manage and monitor application by using app governance 14 - Plan and implement entitlement management Define access packages Configure entitlement management Configure and manage connected organizations Review per-user entitlements 15 - Plan, implement, and manage access review Plan for access reviews Create access reviews for groups and apps Create and configure access review programs Monitor access review findings Automate access review management tasks Configure recurring access reviews 16 - Plan and implement privileged access Define a privileged access strategy for administrative users Configure Privileged Identity Management for Azure resources Plan and configure Privileged Access Groups Analyze Privileged Identity Management audit history and reports Create and manage emergency access accounts 17 - Monitor and maintain Microsoft Entra ID Analyze and investigate sign-in logs to troubleshoot access issues Review and monitor Microsoft Entra audit logs Export logs to third-party security information and event management system Analyze Microsoft Entra workbooks and reporting Monitor security posture with Identity Secure Score