Summary

In this chapter, we examined the process of assigning access rights to users and groups by using Azure AD dynamic groups. You will now be able to configure dynamic groups, membership rules, and rules syntax for more advanced rules. We also showed you how SSPR and MFA can provide authentication security within a Microsoft 365 environment, as well as how these services can be enabled independently or via the newer combined registration portal.

Finally, we demonstrated how group or user access reviews can be carried out to ensure that users' access can be regularly and diligently assessed and adjusted as deemed appropriate.

In the next chapter, we will focus on Azure AD Conditional Access policies and how they can be used in conjunction with features such as MFA to promote compliance.