AZ-204: Implementing Azure Security Competency 2023 (Intermediate Level)

  • 30m
  • 30 questions
The Implementing Azure Security Competency (Intermediate Level) benchmark measures your ability to secure applications using the Microsoft identity platform and a variety of tools and techniques, including OAuth 2.0 and OpenID, Microsoft Authentication Library (MSAL), Microsoft Graph API, identity federation, automatic user provisioning, and Continuous Access Evaluation (CAE) APIs. You will be evaluated on your skills in working with Azure Active Directory using Azure AD Domain Services, single sign-on, multi-factor authentication, and Azure AD Identity Protection and using the Azure App Configuration service. A learner who scores high on this benchmark demonstrates that they have the skills to implement user authentication and authorization and secure cloud solutions.

Topics covered

  • configure notifications for Azure Active Directory Identity Protection
  • create an Azure Active Directory managed domain
  • create a new tenant in Azure Active Directory
  • describe how security tokens are used
  • identify the Identity platform best practices
  • implement role-based access control (RBAC) to secure access to the configuration store
  • manage configuration as code using Azure DevOps
  • manage users, groups, and licenses in Azure Active Directory
  • monitor the usage and performance of the configuration store
  • organize key-value pairs using labels and hierarchy
  • provide authentication services by using Azure AD DS to synchronize users and groups from Azure AD
  • secure user sign-in with Azure multi-factor authentication
  • setup a high available configuration store across multiple regions
  • setup and manage a configuration store
  • store and manage secrets in Azure App Configuration service
  • use Continuous Access Evaluation APIs in your application
  • use Microsoft Authentication Library (MSAL) to acquire security tokens from the Microsoft identity platform to authenticate users and access secured web APIs
  • use Microsoft Graph API to access and manage devices
  • use Microsoft Graph API to access and manage mail and calendar
  • use Microsoft Graph API to access and manage OneDrive and SharePoint
  • use Microsoft Graph API to access and manage Teams
  • use Microsoft Graph API to access and manage users and groups
  • use Microsoft Graph API to create and update custom connectors
  • use Microsoft Graph API to work with reporting and analytics
  • use SCIM and Microsoft Graph to provision users
  • use single sign-on (SSO)
  • use the Azure App Configuration service to manage feature flags in applications
  • use the identity platform to add auth functionality to your app
  • use the Microsoft identity platform to authenticate and authorize users in your web app
  • use workload identity federation to access Azure Active Directory (Azure AD)