Describe access management capabilities of Microsoft Entra ID Flashcards
Describe Conditional Access
It is a feature of Microsoft Entra ID that provides an extra layer of security before allowing authenticated users to access data or other assets.
Describe a Conditional Access Policy
It analyzes signals including user, location, device, application, and risk to automate decisions for authorizing access to resources.
Policies are enforced after first-factor authentication.
It consists of two components, assignments and access controls.
Assignments - control the who, what, where, and when of the Conditional Access policy. All assignments are logically ANDed.
Access controls - decide how a policy will be enforced: whether to block access, grant access with extra verification, or apply a session control to enable a limited experience.
Define role-based access controls (RBAC).
It is managing access using roles.
Microsoft Entra built-in and custom roles are a form of RBAC in that Microsoft Entra ID roles control access to Microsoft Entra resources. This is referred to as Microsoft Entra RBAC.
Describe Built-in roles
Microsoft Entra ID includes many built-in roles, which are roles with a fixed set of permissions. Examples:
- Global Administrator: users with this role have access to all admin features. The person who signs up for the tenant automatically gets this role.
- User Administrator: users with this role can create and manage all aspects of users and groups, manage support tickets, and monitor service health.
- Billing Administrator: users with this role make purchases, manage subscriptions and support tickets, and monitor service health.
Describe custom roles
A custom role is a collection of permissions that you choose from a preset list.
Step 1: Create a custom role from a preset list.
Step 2: Assign it to a group.