Conditional access Threats and Detection
RCCE students will learn conditional access policy design and implementation including risk-based authentication, device compliance requirements, location-based restrictions, and adaptive access controls. RCCE students will learn to create conditional access policies in enterprise identity platforms, enforce MFA based on sign-in risk signals, require device compliance before granting access to sensitive resources, block access from untrusted locations and networks, implement session controls and application restrictions, troubleshoot conditional access policy conflicts, and monitor conditional access logs for policy bypass attempts and unauthorized access patterns. This threat-focused course teaches students to think like adversaries while building robust defenses. Building on core knowledge, RCCE students will learn to analyze attack techniques, build detection logic, and implement defensive strategies that proactively identify threats before they cause damage. Students develop a threat-informed mindset that drives better security decisions across all operational activities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Conditional access Threats and Detection
- Execute hands-on tasks for conditional access threats
- Execute hands-on tasks for advanced cyber defense mastery
- Explain Executive Overview: Conditional Access fundamentals
- Execute hands-on tasks for what is conditional access?
- Execute hands-on tasks for why it matters — covering Policy engine enforcing if-then access decisions.
- Execute hands-on tasks for strategic importance of conditional access
- Apply zero-trust principles to privilege decisions and elevation
- Measure attack surface reduction and program effectiveness
- Execute hands-on tasks for conditional access policy
- Execute hands-on tasks for sign-in risk — covering If-then rule evaluating signals to enforce access.
- Execute hands-on tasks for device compliance
- Execute hands-on tasks for risk-based authentication
| Module 01 | Conditional Access Threats |
| Module 02 | Advanced Cyber Defense Mastery |
| Module 03 | Executive Overview: Conditional Access |
| Module 04 | What Is Conditional Access? |
| Module 05 | Why It Matters |
| Module 06 | Strategic Importance of Conditional Access |
| Module 07 | Zero Trust |
| Module 08 | Risk Reduction |
| Module 09 | Conditional Access Policy |
| Module 10 | Sign-In Risk |
| Module 11 | Device Compliance |
| Module 12 | Risk-Based Authentication |
| Module 13 | Token Lifetime Policy |
| Module 14 | Continuous Access Evaluation |
All hands-on labs run on Rocheston Rose X OS. Students practice conditional access threats and detection by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for conditional access threats
- Lab 2: Execute hands-on tasks for advanced cyber defense mastery
- Lab 3: Explain Executive Overview: Conditional Access fundamentals
- Lab 4: Execute hands-on tasks for what is conditional access?
- Lab 5: Execute hands-on tasks for why it matters
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Conditional access Threats and Detection, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI