Create a Conditional Access Policy Design: The Castle Bypass скачать в хорошем качестве

Create a Conditional Access Policy Design: The Castle Bypass

In the second video in our series on Practical Conditional Access, we are talking about requiring MFA except when you are in a trusted location. This type of policy is common but increases an organization's risk due to the bypass. So in this video, we will walk through a design called "The Castle Bypass" which fixes some of the issues with using a trusted location. In this video, we will be focusing on the design of the "The Castle Bypass" policy. The Castle Bypass policy goal is as follows: • Require MFA for all access except trusted locations • Block Legacy Auth • Require Admins to MFA always • Require Guests to MFA • Require MFA Registration from on Prem By the end of the video, you will have a solid CA policy that will keep your environment safe and secure. So if you are looking for a step-by-step guide on creating a Conditional Access Policy, be sure to watch this video, and stay tuned for the next videos in the series. Where we will look at device-based policies. R E S O U R C E S https://github.com/dougsbaker/Public-... https://learn.microsoft.com/en-us/azu... https://learn.microsoft.com/en-us/azu.... C H A P T E R S 00:00 Intro 01:15 Policy Design 03:53 Setting Overview & Named Locations 05:43 [MFA] Admin Accounts 07:40 [MFA] Standard Users (Non-Trusted Locations) 10:37 [MFA] Guest Users 11:45 [Block] Legacy Auth 13:20 [MFA] MFA Registration (Non-Trusted Locations) 17:30 Testing / Demo Experience of TAP 2:48 Video Wrap up