Chapter 5: Azure AD Identity Protection

When you consider how key identity is when planning an Office 365 implementation, the importance of protecting those identities should be given equal priority. Azure AD Identity Protection enables Microsoft 365 administrators to protect their user identities by detecting and recording identity-based risks so that they can be analyzed and investigated, and corrective measures taken.

In this chapter, we will examine the principles of Azure AD Identity Protection, how it can be used to review risky events and flagged user accounts, and create risk-based conditional access policies to improve security. You will learn how to enable this feature within the Azure portal, identify the Identity Protection roles, and conduct investigations to detect risk events and vulnerabilities within your Microsoft 365 environment.

We will cover these topics in the following order:

• Understanding Identity Protection
• Configuring user risk and sign-in risk policies
• Configuring MFA registration policies
• Configuring alert options
• Managing and resolving risk events