Defender for Identity Flashcards

1
Q

In Microsoft Defender for Identity, the _____ feature can be used to understand how attackers can move laterally within the organization to compromise sensitive accounts.

A. Pass the Ticket
B. Overpass the Hash
C. Clear-text Passwords
D. Visual Lateral Movement Paths
E. I don’t know

A

D. Visual Lateral Movement Paths

Explanation:
A feature in Defender for Identity called Visual Lateral Movement Paths can be used to understand how attackers can move laterally within the organization to compromise sensitive accounts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In order to communicate with the Microsoft Defender for Identity cloud service from the portal, you must ensure port _____ is open in your firewall or proxy to *.atp.azure.com.

A. 443
B. 53
C. 135
D. 137
E. I don’t know

A

A. 443

Explanation:
In order to communicate with the Defender for Identity cloud service from the portal, you must ensure port 443 is open in your firewall or proxy to *.atp.azure.com.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Microsoft Defender for Identity sensors can receive _____ accounting information from your VPN provider.

A. RADIUS
B. DIAMETER
C. CIRCUMFERENCE
D. HYPOTENUSE
E. I don’t know

A

A. RADIUS

Explanation:
The sensors will capture and inspect the local traffic of your domain controllers. They will receive Windows events directly from the domain controllers, and the sensors can even receive RADIUS accounting information from your VPN provider.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which Microsoft Defender for Identity component collects and parses data?

A. portal
B. cloud service
C. sensors
D. endpoint
E. I don’t know

A

C. sensors

Explanation:
You have the Defender for Identity sensors, which collect and parse the data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The Power Option for a server running a Microsoft Defender for Identity sensor should be set to _____.

A. High Performance
B. Backup
C. High Efficiency
D. Constant
E. I don’t know

A

A. High Performance

Explanation:
The Power Option for the server running the Defender for Identity sensor should also be set to High Performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly