Sector 2022 Conference Presentation: Azure AD and Microsoft 365 Security Fundamentals

255 Front St W, Toronto, Ontario M5V 2W6, Canada
SecTor Event Page SecTor Presentation SecTor Recording

SecTor is Canada's premium IT Security Education Conference. This annual event is where IT Security professionals gather to learn from and network with the world's most innovative, intellectual, exciting and entertaining security professionals. We are delighted to announce to that our President, Peter Carson, will be speaking at the conference.

Azure AD and Microsoft 365 Security Fundamentals

October 5, 2022 | 1:30 - 2:30PM

Microsoft invests massively both to provide the tools to protect organizations against cyberattacks, as well as to actively identify and defend against them. Unfortunately, most organizations don't take full advantage of these tools, and many leave themselves very exposed.

This session is an overview of a full day workshop on the same topic. With so much to cover there is much less demo, but still the high-level explanation of the many different security components available in the Microsoft cloud, how they relate, and scenarios on using them.

The session will also include a walk-through of the presenter’s open-source solution for collecting and analyzing Azure AD user, group, and audit data in a Power BI dashboard. The tool is available at

Scenarios that we will go through include the following:

  • Navigating through the various admin portals
  • Azure AD
    • Conditional Access Policies
      • Report only
      • Emergency accounts
      • MFA
      • Legacy Authentication
      • Admin, Member, and Guest policies
      • Sensitivity labels in conjunction with Conditional Access Policies and Rights Management
    • Branding
    • External Identities configuration
      • General settings
      • Identity Providers - One time passcode, Google, Facebook
      • Cross-tenant settings support for B2B collaboration and direct connect (Teams Shared Channels)
      • Trust settings for external organizations and leveraging that in Conditional Access Policies
      • Terms of use
    • Identity Protection
  • Improving your Microsoft Secure Score
  • Microsoft 365
    • Teams, SharePoint, and OneDrive security and sharing settings
    • Sensitivity labelling

Topics covered include:


  • Identity Fundamentals (Azure AD Integration and Hybrid Authentication)
  • Azure AD Connect and Health Reporting
  • Assigned and Dynamic groups
  • Entitlement managed
  • Delegated user management


  • Authentication
    • Pass-through
    • Password hash synchronization
    • Passwordless authentication
    • Federation
    • SMS
  • Multifactor Authentication (MFA)
  • Conditional Access
  • Self-Service Password reset
  • Identity Protection
  • Application Proxy
  • Password protection
  • Privileged Identity Management


  • Auditing
  • Terms of use
  • Azure Information Protection
  • Azure Rights Management
  • Microsoft Purview compliance portal


  • Microsoft Entra
  • Azure AD licensing - Free, Office 365, P1 and P2
  • Enterprise Mobility + Security
  • Microsoft 365 and Office 365 subscriptions
  • Defender for Office 365
  • External Identities

The session will be jam-packed with links to articles both in Microsoft Docs, and articles written by presenter and Microsoft Office Apps and Services MVP Peter Carson.