Analyze PIM audit history and reports
Create and manage break-glass accounts
Design a strategy for monitoring Azure AD
Review and analyze sign-in, audit, and provisioning logs by using the Azure AD console
Configure diagnostic settings, including Log Analytics, storage accounts, and Event Hub
Monitor Azure AD by using Log Analytics, including KQL queries
Analyze Azure AD by using workbooks and reporting in the Azure AD console
Monitor and improve the security posture by using the Identity Secure Score
Recommend a deployment model for a specific scenario
Recommend a name resolution strategy
Define fully qualified domain name (FQDN) and region name
Recommend a public and internal IP strategy
Define static routes or Border Gateway Protocol (BGP) configuration
Recommend a datacenter firewall integration strategy
Choose between Azure Active Directory (Azure AD) and Active Directory Federation Services (AD FS)
Validate identity provider and network by using the Azure Stack Hub Readiness Checker tool