Visão Geral

A implementação de estratégias adequadas de Gestão de Identidade (IdM) e Gestão de Acesso à Identidade (IAM) fortalece simultaneamente a segurança e simplifica o acesso a recursos críticos. Neste Curso Identity Management, você aprenderá a implementar o SSO por meio de uma base sólida baseada em PKI padrão do setor, gerenciamento de identidade federada e tecnologias de nuvem emergentes. Você também aprenderá a utilizar a solução de gerenciamento de identidades da Microsoft, anteriormente chamada de Forefront, para sincronizar identidades localizadas em lojas diferentes.

Objetivo

Após concluir este Curso Identity Management, você será capaz de:

• Implementar gerenciamento de identidade/acesso para controlar o acesso aos recursos de TI
• Construa uma infraestrutura de chave pública (PKI) para gerenciar a confiança entre IdPs de provedores de identidade e RPs de terceiros confiáveis
• Simplifique a autenticação de identidade para aplicativos com declarações
• Autentique-se perfeitamente na nuvem com o Federated Identity Management (FIM)
• Sincronize identidades entre armazenamentos de autenticação diferentes com o MIM 2016

Materiais

Conteúdo Programatico

Identity and its theft

1. Eliminating vulnerabilities in identification and authentication processes
2. Compromising multiple identities
3. Exploiting Object ID OID identities

Ensuring strong authentication

1. Enforcing authentication with biometrics
2. Requiring multifactor authentication with smart cards
3. Migrating to virtual smart cards and Trusted Platform Module TPM

Implementing Single Sign-On (SSO)

1. Interoperating via open industry standards, federated logon and claims
2. Applying Kerberos identities in a domain

Surveying IdM solutions

1. Making identities portable with Secure Tokens
2. On-premises and cloud-based identity management
3. Synchronizing Identities

Discovering identity stores

1. Exploring identities in Kerberos tickets and AD attributes
2. Identifying identities in SQL databases

Demystifying MIM 2016

1. Importing identities from Connected Data Source CDS into Connector Space CS
2. Synchronizing identities into Metaverse MV
3. Managing identities and rules with the SharePoint MIM Portal

Inside PKI X.509 v3 certificates

1. Expiring identities with certificate lifetimes
2. Verifying identities with Subject Alternative Name
3. Binding identities to certificates

Establishing trust via certificates

1. Validating trust with digital signatures
2. Creating entity trust by importing a root CA
3. Distributing trust to subordinate CAs
4. Flowing trust with domain Group Policy Object GPO

Building an enterprise trust hierarchy

1. Publishing Certificate Revocation Lists (CRLs)
2. Increasing security with an offline root CA
3. Accessing directories with LDAP
4. Configuring Online Certificate Status Protocol OCSP

Trusting an external identity provider

1. Forming a certificate chain
2. Locating the CA Trust Anchor

Federated management with Microsoft AD FS

1. Authenticating with a trusted Identity Provider IdP
2. Controlling access with claims
3. Verifying SAML tokens with Relaying Party RP
4. Striving for universally interoperable and portable identity

Creating claims-aware applications

1. Building claims-aware applications with Windows Identity Foundation WIF
2. Abstracting SAML, WS-Trust and WS-Federation protocols

Trusting external Identity Providers

1. Extending ADFS externally with Web Application Proxy WAP
2. Mapping external ADFS namespaces with DNS

Windows Azure federation

1. Extending on-premises Active Directory (AD) to Azure AD
2. Implementing SSO in Azure for Office 365 and SaaS applications

Amazon AWS federation

1. Authenticating with Amazon IAM roles
2. Microsoft federated log-in to Amazon services using SAML tokens

Enrolling mobile devices

1. Joining devices with Workplace Join
2. Enacting Device Registration Services DRS

Planning a Federated Identity Roadmap

1. Achieving the FICAM IdM vision
2. Creating organizational identity management policy