The main subject areas of the course are: Role of the analyst Stage one Stage two Stage three Stage four Certificates and reporting results DCU clearance testing Quality control
Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management
This training course aims to equip you with in-depth knowledge on ISO 9001 requirements, as well as the best practices and approaches used for the implementation and subsequent maintenance of a QMS. By attending this training course, you can help organizations utilize a structured and evidence-based approach for managing the quality of their products and services. Apart from this, you will also learn about the importance of customer focus and benefits of setting the foundations of an organizational culture which enables and supports quality. The training course is followed by a certification exam. If you pass, you can gain the "Certified ISO 9001 Lead Implementer' credential. This certificate validates your competence to implement a QMS based on the requirements of ISO 9001. About This Course Learning objectives By the end of this training course, the participant will be able to: Explain the fundamental concepts and principles of a quality management system (QMS) based on ISO 9001 Interpret the requirements of ISO 9001 for a QMS from the perspective of an implementer Initiate and plan the implementation of a QMS based on ISO 9001, by utilizing best practice Support an organization in operating, maintaining, and continually improving a QMS based on ISO 9001 Prepare an organization to undergo a third-party certification audit Educational approach This training course is learner-centred and contains: Theories, approaches, and best practices used in management system implementation, operation, maintenance, and continual improvement Theoretical basis supported by practical examples, throughout the four days of the training course Interaction between the trainers and participants by means of questions and discussions Essay-type homework exercises at the end of each day Quizzes with stand-alone items (after each section) and scenario-based quizzes (at the end of each day), intended to prepare the participants for the certification exam Accreditation Assessment The exam covers the following competency domains: Domain 1: Fundamental principles and concepts of a quality management system Domain 2: Initiation of a QMS implementation Domain 3: Planning of a QMS implementation based on ISO 9001 Domain 4: Implementation of a QMS based on ISO 9001 Domain 5: Monitoring and measurement of a QMS based on ISO 9001 Domain 6: Continual improvement of a QMS based on ISO 9001 Domain 7: Preparation for a QMS certification audit The exam itself is a 12 question, essay type format, to be completed within a 150 minute window. The exam pass mark is 70%. Exam results are provided within 24 hours. Our Guarantee We are an official IECB Training Provider If you fail an exam, you can try again for free If you feel you need additional training, you can train for free too Prerequisites The main requirements for participating in this training course are a basic knowledge of ISO management system standards, overall knowledge of ISO 9001, and the MS implementation principles. An understanding of ISO's quality management principles may also facilitate the learning process. What's Included? Official Study Guides 4 day's Instructor led training Exam fees Who Should Attend? The ISO 9001 Lead Implementer training course is intended for: Personnel responsible for maintaining and improving the quality of the products and services of the organization Personnel responsible for meeting customer requirements Consultants, advisors, professionals wishing to obtain in-depth knowledge of ISO 9001 requirements for a QMS Professionals wishing to acquaint themselves with best practice methodology for implementing a QMS Individuals responsible for maintaining the conformity of QMS to ISO 9001 requirements Members of QMS implementation and operation teams Individuals aspiring to pursue a career in quality management Provided by This course is Accredited by NACSand Administered by the IECB.
CWNA training course description A hands-on course focusing on the technical support of WiFi. Wireless LANs are often seen as simple communications that are simply installed and then left alone to work. This course ensures that delegates will be able to install WiFi networks which work but also enable the delegates to troubleshoot WiFi when it does go wrong. What will you learn Compare 802.11 standards. Configure WiFi networks. Troubleshoot WiFi networks using spectrum analysers, Wireshark and other tools. Implement 802.11 security. Perform RF surveys. CWNA training course details Who will benefit: Technical staff working with WiFi networks. Anyone wishing to pass the CWNA exam. Prerequisites: Intro to data communications & networking Duration 5 days CWNA training course contents Introduction History, standards. RF fundamentals What is RF? Wavelength, Frequency, Amplitude, Phase. Wave behaviour. RF components. Watts, mW, dB, SNR, Link budgets. Hands on Spectrum analysis. Listing WiFi networks. WiFi connection. inSSIDer. Antennas Radiation envelopes, polar charts, gain, Antenna types. Line of Sight, MIMO. Hands on Connecting, installing, changing antennae. RSSI values. 802.11 802.11-2007, 802.11 post 2007, 802.11 drafts. 802.11 b/g/n. Hands on WiFi performance measurement. Spread Spectrum RF frequency bands, FHSS, DSSS, OFDM. Channels. Hands on Configuring channels. Topologies Mesh, Access points, distribution systems, SSID. Hands on AP configuration. Client connection profiles. 802.11 MAC CSMA/CA, Management frames, control frames, data frames. Passive scanning, active scanning. Open system authentication. Shared Key authentication. Association. RTS/CTS. Power management. Hands on Capturing frames, analysing frames. WiFi architecture WiFi client, WLAN architecture: Autonomous, Centralised, distributed. WiFi bridges. WiFi routers. PoE. Hands on WLAN controllers. Troubleshooting RF interference, multipath, adjacent channels, low SNR, mismatched power. Coverage, capacity. 802.11 Security Basics, Legacy security: WEP, MAC filters, SSID cloaking. PSK, 8021.X/EAP, WPA/WPA2. TKIP/ CCMP encryption. Guest WLANs. Wireless attacks, intrusion monitoring. Hands on WEP cracking, WPA2 configuration. RADIUS. RF Site surveys Protocol and spectrum analysis, coverage analysis. Site survey tools. Hands on Performing a site survey.
Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.
WCNA training course description Wireshark is a free network protocol analyser. This hands-on course provides a comprehensive tour of using Wireshark to troubleshoot networks. The course concentrates on the information needed in order to pass the WCNA exam. Students will gain the most from this course only if they already have a sound knowledge of the TCP/IP protocols. What will you learn Analyse packets and protocols in detail. Troubleshoot networks using Wireshark. Find performance problems using Wireshark. Perform network forensics. WCNA training course details Who will benefit: Technical staff looking after networks. Prerequisites: TCP/IP Foundation for engineers Duration 5 days WCNA training course contents What is Wireshark? Network analysis, troubleshooting, network traffic flows. Hands on Download/install Wireshark. Wireshark introduction Capturing packets, libpcap, winpcap, airpcap. Dissectors and plugins. The menus. Right click. Hands on Using Wireshark. Capturing traffic Wireshark and switches and routers. Remote traffic capture. Hands on Capturing packets. Capture filters Applying, identifiers, qualifiers, protocols, addresses, byte values. File sets, ring buffers. Hands on Capture filters. Preferences Configuration folders. Global and personal configurations. Capture preferences, name resolution, protocol settings. Colouring traffic. Profiles. Hands on Customising Wireshark. Time Packet time, timestamps, packet arrival times, delays, traffic rates, packets sizes, overall bytes. Hands on Measuring high latency. Trace file statistics Protocols and applications, conversations, packet lengths, destinations, protocol usages, strams, flows. Hands on Wireshark statistics. Display filters Applying, clearing, expressions, right click, conversations, endpoints, protocols, combining filters, specific bytes, regex filters. Hands on Display traffic. Streams Traffic reassembly, UDP and TCP conversations, SSL. Hands on Recreating streams. Saving Filtered, marked and ranges. Hands on Export. TCP/IP Analysis The expert system. DNS, ARP, IPv4, IPv6, ICMP, UDP, TCP. Hands on Analysing traffic. IO rates and trends Basic graphs, Advanced IO graphs. Round Trip Time, throughput rates. Hands on Graphs. Application analysis DHCP, HTTP, FTP, SMTP. Hands on Analysing application traffic. WiFi Signal strength and interference, monitor mode and promiscuous mode. Data, management and control frames. Hands on WLAN traffic. VoIP Call flows, Jitter, packet loss. RTP, SIP. Hands on Playing back calls. Performance problems Baselining. High latency, arrival times, delta times. Hands on Identifying poor performance. Network forensics Host vs network forensics, unusual traffic patterns, detecting scans and sweeps, suspect traffic. Hands on Signatures. Command line tools Tshark, capinfos, editcap, mergecap, text2pcap, dumpcap. Hands on Command tools.
Jamf Training, Jamf 300 course,
The IAPP offers the most encompassing, up-to-date and sought-after global training and certification program for privacy and data protection. The Certified Information Privacy Professional (CIPP) helps organizations around the world bolster compliance and risk mitigation practices, and arms practitioners with the insight needed to add more value to their businesses. Skilled privacy pros are in high demand and IAPP certification is what employers want. When you earn an IAPP credential, you earn the right to be recognized as part of an elite group of knowledgeable, capable and dedicated privacy professionals. With the GDPR effective as of May 2018, among its mandates was the requirement to appoint knowledgeable DPOs (data protection officers) tasked with monitoring compliance, managing internal data protection activities, training data processing staff, conducting internal audits and more. There's a lot to know, there's a lot at stake and there's a lot of opportunity for privacy professionals with the right training and education. Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe-and to take advantage of the career opportunity this sweeping legislation represents. About This Course Delivered in a Modular format, the course includes; Module 1: Data Protection Laws Introduces key European data protection laws and regulatory bodies, describing the evolution toward a Harmonised European Legislative Framework. Module 2: Personal Data Defines and differentiates between types of data-including personal, anonymous, pseudo-anonymous and special categories. Module 3: Controllers and Processors Describes the roles and relationships of controllers and processors. Module 4: Processing Personal Data Defines data processing and GDPR processing principles, Explains the application of the GDPR and outlines the legitimate bases for processing personal data. Module 5: Information provision Explains controller obligations for providing information about data processing activities to data subjects and Supervisory Authorities. Module 6: Data Subjects 'Rights Describes data subjects' rights, applications of rights and obligations controller and processor. Module 7: Security or Processing Discusses considerations and duties of controllers and processors for Ensuring security of personal data and providing notification of data breaches. Module 8: Accountability Investigates accountability requirements, data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer. Module 9: International Data Transfers Outlines options and obligations for transferring data outside the European Economic Area, Decisions adequacy and appropriateness safeguards and derogations. Module 10: Supervision and Enforcement Describes the role, powers and procedures or Supervisory Authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance. Module 11: Compliance Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, employers-including processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing. Prerequisites There are no prerequisites for this course but candidates would benefit from reading the freely available materials found on the IAPP website. What's Included? 1 years membership of the IAPP Breakfast, Lunch and refreshments (Classroom courses only) Official Study Guide (European Data Protection, Law & Practice)* Participant Guide* Official Exam Q&A* Official Practice Exam Official Practice Exam* The Exam Fees * In electronic format for Live Online and hard copy for Classroom delegates Who Should Attend? The CIPP/E is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration, including those in the following positions: Cybersecurity Analysts Data Analysts Security Administrators Aspiring Data Protection Officers Accreditation Our Guarantee We are an approved IAPP Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras. The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.
Make a difference in your organization and in your career. The CIPM designation says that you're a leader in privacy program administration and that you've got the goods to establish, maintain and manage a privacy program across all stages of its lifecycle. The CIPM is the world's first and only certification in privacy program management. When you earn a CIPM, it shows that you don't just know privacy regulations-you know how to make it work for your organization. In other words, you're the go-to person for day-to-day operations when it comes to privacy. Developed in collaboration with the law firms, Bird and Bird, Field Fisher, Wilson/Sonsini and Covington and Burling, the CIPM encompasses pan-European and national data protection laws, key privacy terminology and practical concepts concerning the determination of control measures designed to protect personal data and trans-border data flows. About This Course Delivered in a modular format, the course covers; Module 1: Introduction to privacy program management Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management. Module 2: Privacy governance Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks. Module 3: Applicable laws and regulations Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy. Module 4: Data assessments Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments. Module 5: Policies Describes common types of privacy-related policies, outlines components and offers strategies for implementation. Module 6: Data subject rights Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten. Module 7: Training and awareness Outlines strategies for developing and implementing privacy training and awareness programs. Module 8: Protecting personal information Examines a holistic approach to protecting personal information through privacy by design. Module 9: Data breach incident plans Provides guidance on planning for and responding to a data security incident or breach. Module 10: Measuring, monitoring and auditing program performance Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance The CIPM body of knowledge outlines all the concepts and topics that you need to know to become certified. The exam blueprint gives you an idea of how many questions from each topic area you can expect on the exam. Prerequisites There are no prerequisites for this course but attendees would benefit from a review of the materials on the IAPP site What's Included? Breakfast, Lunch and refreshments (Classroom based courses only) The Official Study Guide (Privacy Programme Management - Third Edition)* Official Exam Q&A's* Official Practice Exam Participant Guide* 1 years membership of the IAPP The Exam Fees * In electronic format for Live Online and hard copy for Classroom delegates Who Should Attend? The CIPM is ideal for IT and information security leaders responsible for developing Data Protection frameworks and applying best practice, including those in the following positions: Data Analysts Cyber Security Analysts and Managers Aspiring Data Protection Officers IT Managers Accreditation Our Guarantee We are an approved IAPP Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras. The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.
Duration 4 Days 24 CPD hours This course is intended for This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization. The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization?s identity and access management systems by using Microsoft Entra ID. Learn to manage tasks such as providing secure authentication and authorization access to enterprise applications. You will also learn to provide seamless experiences and self-service management capabilities for all users. Finally, learn to create adaptive access and governance of your identity and access management solutions ensuring you can troubleshoot, monitor, and report on your environment. The Identity and Access Administrator may be a single individual or a member of a larger team. Learn how this role collaborates with many other roles in the organization to drive strategic identity projects. The end goal is to provide you knowledge to modernize identity solutions, to implement hybrid identity solutions, and to implement identity governance. Prerequisites SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals AZ-104T00 - Microsoft Azure Administrator 1 - Explore identity in Microsoft Entra ID Explain the identity landscape Explore zero trust with identity Discuss identity as a control plane Explore why we have identity Define identity administration Contrast decentralized identity with central identity systems Discuss identity management solutions Explain Microsoft Entra Business to Business Compare Microsoft identity providers Define identity licensing Explore authentication Discuss authorization Explain auditing in identity 2 - Implement initial configuration of Microsoft Entra ID Configure company brand Configure and manage Microsoft Entra roles Configure delegation by using administrative units Analyze Microsoft Entra role permissions Configure and manage custom domains Configure tenant-wide setting 3 - Create, configure, and manage identities Create, configure, and manage users Create, configure, and manage groups Configure and manage device registration Manage licenses Create custom security attributes Explore automatic user creation 4 - Implement and manage external identities Describe guest access and Business to Business accounts Manage external collaboration Invite external users - individually and in bulk Demo - manage guest users in Microsoft Entra ID Manage external user accounts in Microsoft Entra ID Manage external users in Microsoft 365 workloads Implement and manage Microsoft Entra Verified ID Configure identity providers Implement cross-tenant access controls 5 - Implement and manage hybrid identity Plan, design, and implement Microsoft Entra Connect Implement manage password hash synchronization (PHS) Implement manage pass-through authentication (PTA) Demo - Manage pass-through authentication and seamless single sign-on (SSO) Implement and manage federation Trouble-shoot synchronization errors Implement Microsoft Entra Connect Health Manage Microsoft Entra Health 6 - Secure Microsoft Entra users with multifactor authentication What is Microsoft Entra multifactor authentication? Plan your multifactor authentication deployment Configure multi-factor authentication methods 7 - Manage user authentication Administer FIDO2 and passwordless authentication methods Explore Authenticator app and OATH tokens Implement an authentication solution based on Windows Hello for Business Deploy and manage password protection Configure smart lockout thresholds Implement Kerberos and certificate-based authentication in Microsoft Entra ID Configure Microsoft Entra user authentication for virtual machines 8 - Plan, implement, and administer Conditional Access Plan security defaults Plan Conditional Access policies Implement Conditional Access policy controls and assignments Test and troubleshoot Conditional Access policies Implement application controls Implement session management Implement continuous access evaluation 9 - Manage Microsoft Entra Identity Protection Review identity protection basics Implement and manage user risk policy Monitor, investigate, and remediate elevated risky users Implement security for workload identities Explore Microsoft Defender for Identity 10 - Implement access management for Azure resources Assign Azure roles Configure custom Azure roles Create and configure managed identities Access Azure resources with managed identities Analyze Azure role permissions Configure Azure Key Vault RBAC policies Retrieve objects from Azure Key Vault Explore Microsoft Entra Permissions Management 11 - Plan and design the integration of enterprise apps for SSO Discover apps by using Microsoft Defender for Cloud Apps and Active Directory Federation Services app report Configure connectors to apps Design and implement app management roles Configure preintegrated gallery SaaS apps Implement and manage policies for OAuth apps 12 - Implement and monitor the integration of enterprise apps for SSO Implement token customizations Implement and configure consent settings Integrate on-premises apps with Microsoft Entra application proxy Integrate custom SaaS apps for single sign-on Implement application-based user provisioning Monitor and audit access to Microsoft Entra integrated enterprise applications Create and manage application collections 13 - Implement app registration Plan your line of business application registration strategy Implement application registration Register an application Configure permission for an application Grant tenant-wide admin consent to applications Implement application authorization Manage and monitor application by using app governance 14 - Plan and implement entitlement management Define access packages Configure entitlement management Configure and manage connected organizations Review per-user entitlements 15 - Plan, implement, and manage access review Plan for access reviews Create access reviews for groups and apps Create and configure access review programs Monitor access review findings Automate access review management tasks Configure recurring access reviews 16 - Plan and implement privileged access Define a privileged access strategy for administrative users Configure Privileged Identity Management for Azure resources Plan and configure Privileged Access Groups Analyze Privileged Identity Management audit history and reports Create and manage emergency access accounts 17 - Monitor and maintain Microsoft Entra ID Analyze and investigate sign-in logs to troubleshoot access issues Review and monitor Microsoft Entra audit logs Export logs to third-party security information and event management system Analyze Microsoft Entra workbooks and reporting Monitor security posture with Identity Secure Score