This project focuses on strengthening identity and access security using Microsoft Entra ID security features such as Conditional Access, Privileged Identity Management (PIM), Multi-Factor Authentication (MFA), and identity monitoring.
The environment simulates real-world identity protection scenarios and validates secure administrative access practices.

The project includes:
- Conditional Access policy configuration
- MFA enforcement and testing
- Privileged role assignment using PIM
- Risky sign-in monitoring
- Sign-in and audit log analysis
- Secure user and group management

Technologies and tools used:
- Microsoft Entra ID
- Conditional Access Policies
- Privileged Identity Management (PIM)
- Multi-Factor Authentication (MFA)
- Azure Sign-In Logs
- Azure Audit Logs
- PowerShell

Created test users and a dedicated security group for Conditional Access policy targeting.
| Type | Name |
|---|---|
| User | demo-user1 |
| User | demo-user2 |
| Group | grp-security-testers |
- Users added successfully to security group
- Group used later for Conditional Access targeting

Configured a Conditional Access policy to require Multi-Factor Authentication for Azure management access.
| Setting | Value |
|---|---|
| Policy Name | MFA for Security Testers |
| Target Group | grp-security-testers |
| Target Application | Microsoft Azure Management |
| Access Control | Require MFA |
- MFA prompt triggered successfully
- Tested in an incognito browser session

A simulated risky sign-in event was generated and detected successfully by Microsoft Entra ID Protection.
- Risky sign-in detected for demo-user1
- Conditional Access policy enforced MFA
- Event reviewed under: Entra ID Protection > Risky sign-ins

Configured Privileged Identity Management for secure administrative role activation.
| User | Role | Assignment Type |
|---|---|---|
| demo-user1 | Security Administrator | Eligible |
- Role activated successfully through PIM
- Verified under: PIM > My Roles

Reviewed authentication activity and administrative actions using Microsoft Entra monitoring tools.
- Sign-In Logs
- Audit Logs
- MFA activity
- Role activation events
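The log review described above (sign-in logs, MFA activity, risky sign-ins and PIM role activations) can be done from PowerShell against Microsoft Graph instead of the portal. The following script is an added example and is not one of the project's own scripts; it assumes the Microsoft.Graph PowerShell SDK is installed, that the caller holds the `AuditLog.Read.All` and `Directory.Read.All` scopes, and that the user principal name placeholder is replaced with a real account.

```powershell
# Added example (not part of the project's scripts): summarises recent sign-ins of a
# demo user (MFA requirement, Conditional Access result, risk level) and lists PIM role
# activations from the directory audit log.
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Reports
param(
    [string]$UserPrincipalName = 'demo-user1@contoso.onmicrosoft.com',  # placeholder, replace
    [int]$Days = 7
)

Connect-MgGraph -Scopes 'AuditLog.Read.All', 'Directory.Read.All' -NoWelcome

# Graph filters want an ISO-8601 UTC timestamp.
$since = (Get-Date).ToUniversalTime().AddDays(-$Days).ToString('yyyy-MM-ddTHH:mm:ssZ')

function Get-SignInSummary {
    param([string]$Upn, [string]$Since)
    $signIns = Get-MgAuditLogSignIn -All -Filter "userPrincipalName eq '$Upn' and createdDateTime ge $Since"
    foreach ($s in $signIns) {
        [pscustomobject]@{
            Time        = $s.CreatedDateTime
            App         = $s.AppDisplayName
            # 'multiFactorAuthentication' means the policy demanded a second factor.
            MfaRequired = ($s.AuthenticationRequirement -eq 'multiFactorAuthentication')
            CaStatus    = $s.ConditionalAccessStatus      # success / failure / notApplied
            Risk        = $s.RiskLevelDuringSignIn         # none / low / medium / high / hidden
            RiskState   = $s.RiskState                     # atRisk / remediated / dismissed / ...
            Success     = ($s.Status.ErrorCode -eq 0)
        }
    }
}

function Get-PimActivations {
    param([string]$Since)
    # PIM writes role activations to the RoleManagement category of the audit log.
    Get-MgAuditLogDirectoryAudit -All -Filter "category eq 'RoleManagement' and activityDateTime ge $Since" |
        Where-Object { $_.LoggedByService -eq 'PIM' -or $_.ActivityDisplayName -like '*PIM*' } |
        ForEach-Object {
            [pscustomobject]@{
                Time      = $_.ActivityDateTime
                Activity  = $_.ActivityDisplayName
                Actor     = $_.InitiatedBy.User.UserPrincipalName
                Result    = $_.Result
                Targets   = ($_.TargetResources | ForEach-Object { $_.DisplayName }) -join ', '
            }
        }
}

$summary = Get-SignInSummary -Upn $UserPrincipalName -Since $since

Write-Host "Sign-ins for $UserPrincipalName in the last $Days day(s):"
$summary | Sort-Object Time -Descending | Format-Table -AutoSize

# Risky sign-ins that still succeeded without an MFA requirement are the ones to
# investigate: they indicate a gap in Conditional Access coverage.
$uncoveredRisky = $summary | Where-Object {
    $_.Risk -in @('low', 'medium', 'high') -and $_.Success -and -not $_.MfaRequired
}
if ($uncoveredRisky) {
    Write-Warning "Risky sign-ins that succeeded without MFA being required:"
    $uncoveredRisky | Format-Table Time, App, Risk, RiskState -AutoSize
} else {
    Write-Host "No risky sign-in succeeded without an MFA requirement."
}

Write-Host "PIM role activations in the last $Days day(s):"
Get-PimActivations -Since $since | Sort-Object Time -Descending | Format-Table -AutoSize
```

The check at the end is the useful part: a risky sign-in that was blocked or challenged is the policy working, while a risky sign-in that succeeded with no MFA requirement means the account or application was outside the policy's scope and the targeting should be revisited.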

The project includes a prototype PowerShell automation script:
automation/setup-identity-hardening.ps1

The script automates:
- Demo user creation
- Security group creation
- Conditional Access policy deployment
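The three automation steps (demo user creation, security group creation, Conditional Access policy deployment) can be expressed with the Microsoft Graph PowerShell SDK as below. This is an added example, not the project's `automation/setup-identity-hardening.ps1`; it assumes the Microsoft.Graph module is installed, that the caller holds the listed scopes, that the tenant domain and break-glass account placeholders are replaced, and it uses the well-known application id of the "Windows Azure Service Management API" (shown as "Microsoft Azure Management" in the portal) as the policy target.

```powershell
# Added example (not the project's own script): provisions the demo users, the
# security group and the "require MFA for Azure management" Conditional Access policy.
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Users, Microsoft.Graph.Groups, Microsoft.Graph.Identity.SignIns
param(
    [string]$TenantDomain  = 'contoso.onmicrosoft.com',          # placeholder, replace
    [string[]]$DemoUsers   = @('demo-user1', 'demo-user2'),
    [string]$GroupName     = 'grp-security-testers',
    [string]$PolicyName    = 'MFA for Security Testers',
    [string]$BreakGlassUpn = '',                                  # optional: emergency account excluded from the policy
    # Start in report-only mode so the policy can be validated in the sign-in logs
    # before it is enforced; rerun with -PolicyState enabled once the behaviour is confirmed.
    [ValidateSet('enabled', 'disabled', 'enabledForReportingButNotEnforced')]
    [string]$PolicyState   = 'enabledForReportingButNotEnforced'
)

Connect-MgGraph -Scopes 'User.ReadWrite.All', 'Group.ReadWrite.All', 'Policy.ReadWrite.ConditionalAccess' -NoWelcome

function New-DemoPassword {
    # Throwaway initial password; ForceChangePasswordNextSignIn makes the user rotate it.
    $chars = [char[]]((48..57) + (65..90) + (97..122))
    return (-join ($chars | Get-Random -Count 20)) + '!Aa1'
}

# 1. Demo users (idempotent: existing accounts are reused).
$users = foreach ($name in $DemoUsers) {
    $upn = "$name@$TenantDomain"
    $existing = Get-MgUser -Filter "userPrincipalName eq '$upn'"
    if ($existing) { $existing; continue }
    New-MgUser -DisplayName $name -UserPrincipalName $upn -MailNickname $name -AccountEnabled `
        -PasswordProfile @{ Password = (New-DemoPassword); ForceChangePasswordNextSignIn = $true }
}

# 2. Security group used for Conditional Access targeting.
$group = Get-MgGroup -Filter "displayName eq '$GroupName'"
if (-not $group) {
    $group = New-MgGroup -DisplayName $GroupName -MailNickname $GroupName -MailEnabled:$false -SecurityEnabled
}
$memberIds = @(Get-MgGroupMember -GroupId $group.Id -All | ForEach-Object { $_.Id })
foreach ($u in $users) {
    if ($u.Id -notin $memberIds) { New-MgGroupMember -GroupId $group.Id -DirectoryObjectId $u.Id }
}

# 3. Conditional Access policy: members of the group must satisfy MFA for Azure management.
$azureManagementAppId = '797f4846-ba00-4fd7-ba43-dac1f8f63013'   # Windows Azure Service Management API
$userCondition = @{ includeGroups = @($group.Id) }
if ($BreakGlassUpn) {
    # Always keep an emergency access account outside MFA/CA policies to avoid lock-out.
    $bg = Get-MgUser -Filter "userPrincipalName eq '$BreakGlassUpn'"
    if ($bg) { $userCondition.excludeUsers = @($bg.Id) }
}
$policy = @{
    displayName   = $PolicyName
    state         = $PolicyState
    conditions    = @{
        applications   = @{ includeApplications = @($azureManagementAppId) }
        users          = $userCondition
        clientAppTypes = @('all')
    }
    grantControls = @{ operator = 'OR'; builtInControls = @('mfa') }
}
$existingPolicy = Get-MgIdentityConditionalAccessPolicy -Filter "displayName eq '$PolicyName'"
if ($existingPolicy) {
    Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $existingPolicy.Id -BodyParameter $policy
    Write-Host "Updated policy '$PolicyName' (state: $PolicyState)"
} else {
    $created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
    Write-Host "Created policy '$PolicyName' with id $($created.Id) (state: $PolicyState)"
}
```

Running it first in report-only mode and reading the resulting Conditional Access status in the sign-in logs, then re-running with `-PolicyState enabled`, mirrors the test sequence the project describes (policy configured, MFA prompt observed in a fresh browser session) without risking a lock-out of the administrator performing the change.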

Repository layout:
```text
entra-id-identity-hardening/
├── README.md
├── Screenshots/
├── docs/
├── automation/
└── scripts/
```

Outcomes:
- Reduced administrative exposure using PIM
- Enforced MFA for privileged access
- Improved visibility into authentication activity
- Risk-based identity monitoring
- Controlled access through Conditional Access policies

Planned enhancements include:
- Identity Governance testing
- Access Reviews
- Entitlement Management
- Defender for Identity integration
- Microsoft Sentinel integration
- Simulated leaked credential scenarios

Key takeaways:
- Conditional Access is critical for protecting cloud identities
- PIM reduces standing administrative privileges
- MFA significantly improves identity security posture
- Sign-in and audit logs provide valuable visibility into identity activity
- Identity protection should combine prevention, monitoring, and least privilege access

Status: Completed, and continuously expanding with additional identity security and monitoring scenarios.