Conditional access Threats, Tactics, and Defenses
RCCE students will learn conditional access policy design and implementation including risk-based authentication, device compliance requirements, location-based restrictions, and adaptive access controls. RCCE students will learn to create conditional access policies in enterprise identity platforms, enforce MFA based on sign-in risk signals, require device compliance before granting access to sensitive resources, block access from untrusted locations and networks, implement session controls and application restrictions, troubleshoot conditional access policy conflicts, and monitor conditional access logs for policy bypass attempts and unauthorized access patterns. This threat-focused course teaches students to think like adversaries while building robust defenses. Building on core knowledge, RCCE students will learn to analyze attack techniques, build detection logic, and implement defensive strategies that proactively identify threats before they cause damage. Students develop a threat-informed mindset that drives better security decisions across all operational activities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Conditional access Threats, Tactics, and Defenses
- Execute hands-on tasks for conditional access
- Explain Course Overview fundamentals — covering Learning Objectives.
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for what is conditional access?
- Execute hands-on tasks for core principle — covering IF user + device + location + risk.
- Apply zero-trust principles to privilege decisions and elevation, including IF user + device + location + risk.
- Design a scalable privilege management architecture with policy and enforcement
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for policy engine — covering Azure AD / Entra ID.
- Execute hands-on tasks for enforcement point — covering Application gateway.
- Execute hands-on tasks for signal inputs — covering User identity and group membership.
| Module 01 | Conditional Access |
| Module 02 | Course Overview |
| Module 03 | Learning Objectives |
| Module 04 | What Is Conditional Access? |
| Module 05 | Core Principle |
| Module 06 | Core component of Zero Trust |
| Module 07 | Conditional Access Architecture |
| Module 08 | Identity Provider |
| Module 09 | Policy Engine |
| Module 10 | Okta / Ping Identity |
| Module 11 | Enforcement Point |
| Module 12 | Signal Inputs |
| Module 13 | Policy Components Deep Dive |
| Module 14 | Access Controls |
All hands-on labs run on Rocheston Rose X OS. Students practice conditional access threats, tactics, and defenses by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for conditional access
- Lab 2: Explain Course Overview fundamentals
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Execute hands-on tasks for what is conditional access?
- Lab 5: Execute hands-on tasks for core principle
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Conditional access Threats, Tactics, and Defenses, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI