Interactive Lab: MFA and CA Deployment

Interactive Lab: MFA and Conditional Access Deployment

This lab uses the investigation engine to walk you through deploying MFA and conditional access for Northgate Engineering. You'll make deployment decisions at each stage — creating break-glass accounts, building conditional access policies, handling exceptions, responding to a compromised account alert, and writing the first notification to management.

What you practised

This lab tested your ability to execute the complete identity security deployment: break-glass account creation, conditional access policy configuration (MFA, legacy auth blocking, device compliance in report-only), exception handling for shared accounts and executives, compromised account response (the 15-minute procedure), and management reporting. The key judgment calls were sequencing (what to deploy first), exception handling (how to handle the CEO's MFA refusal without creating a gap), and response speed (contain before investigate).

Connection to Module AD2

With identity secured, the next module addresses the delivery mechanism: email. You'll configure Defender for Office 365 Safe Links and Safe Attachments, set up email authentication (SPF, DKIM, DMARC), and tune anti-phishing policies to catch the sophisticated phishing that basic EOP filtering misses.