Azure Security-AD General Info 2

Question 1

What do I need to define when a risk is identified with identity protection?

Answer 1

I can define a risk policy to perform tasks when a risk is identified with id protection.

Question 2

Why do I need to configure a risk policy with identity protection?

Answer 2

a risk policy helps me indicate what should happen when a risk is detected.

Question 3

Name the two types of risk policies in ID protection?

Answer 3

there is the user and sign in risk policies in ID protection.

Question 4

How is sign-in risk policy measured in ID protection?

Answer 4

the sign-in risk policy measures if the risk is high,med or low and can request additional info like MFA to grant access etc.

Question 5

How is user risk policy measured in ID protection?

Answer 5

the user risk policy can measure any anomalies in user access as compared to normal baseline info saved from previous connectivity from this user.

Question 6

What policy should I use for MFA with ID protection?

Answer 6

the MFA registration policy will allow me to register the users with MFA as a second method to provide authenticity of a user.

Question 7

With ID protection how can I remediate risks?

Answer 7

I can remediate risks with generating reports and investigating these risks and remediating them thereafter.

Question 8

What are the remediation methods for ID protection risks that are detected?

Answer 8

We can use self remediation ie reset pwd, or an admin can reset a pwd, and dismiss risks.

Question 9

Which report with ID protection indicates risk detected devices?

Answer 9

The risky sign in reports provides the details of the devices that are risky with ID Protection.

Question 10

What is PIM-PRIVILEGE IDENTITY MANAGEMENT?

Answer 10

PIM allows us to control,manage and monitor the access rights of admins to my networks resources.

Question 11

What is ZERO TRUST?

Answer 11

zero trust allows me to never trust and always verify.

Question 12

name the four components of a zero trust model?

Answer 12

the device directory, identity provider, policy evaluation service and access proxy.

Question 13

What should I do to limit the need to give more access than is really required?PIM

Answer 13

with PIM I can give only the access that’s actually required for the admins.

Question 14

Can PIM provide the ability to give time based access to resources?

Answer 14

Yes PIM can give us the ability to provide time based access.

Question 15

Why is PIM important?

Answer 15

PIM allows us to monitor the admins and there roles, the access given to people and why do they require a certain level of access.

Question 16

which admin role can assign a user permanently to a role?

Answer 16

the global admin can assign a role on a permanent basis to a user.

Question 17

what does the privilege role administrator manage?

Answer 17

privilege role admin manages PIM.

Question 18

which roles are not managed by PIM?

Answer 18

the exchange online, sharepoint online and resource groups and azure subscriptions are not managed by PIM.

Question 19

which license allows me to use PIM?

Answer 19

PIM is used with the premium license.

Question 20

how many users should we have as privilege role admins?

Answer 20

we should have at least two people in the privilege role admin roles.

Question 21

which admin role is inactive until activated?

Answer 21

the eligible admin role is inactive and only activated when it is required to be used and for a set amount of time.