Hybrid Identity is the process of connecting your on-premises Active Directory with your Azure Active Directory. You do this to enable a single account to have access to resources on-premises and in the cloud. There are many other security benefits as well.


A security engineer uses Hybrid Identity to share identity, authentication, and access across on-premises and cloud resources; you will work on such tasks as:

  • Connect your on-premises AD with your Azure AD.
  • Select the best authentication option based on your user's needs and your security goals.
  • Configure authentication options to create your most secure environment.

Skills measured

Azure Active Directory is a part of Exam AZ-500: Microsoft Azure Security Engineer.

Manage identity and access (30-35%)

  • Manage Azure AD identities

    • configure authentication methods including password hash and Pass-Through Authentication (PTA), OAuth, and passwordless

Learning objectives

In this module, you will:

  • Configure and deploy Azure AD Connect.
  • Configure password hash synchronization.
  • Implement pass-through authentication.
  • Select and configure the optimal authentication method based on your security posture.
  • Deploy password writeback.