Describe Azure identity, access, and security Flashcards

1
Q

Define ‘Microsoft Entra ID’

A

Cloud-based directory service that enables you to sign in and access both Microsoft cloud applications and cloud applications that use Entra ID as an IDP.

2
Q

What is Microsoft Entra ID also referred to as?

A

Identity and access management service.

3
Q

How can app developers leverage Microsoft Entra ID?

A

Adding SSO functionality to an app or enabling an app to work with a user’s existing credentials.

4
Q

What are the four main functions of Microsoft Entra ID?

A
  1. Authentication
  2. Single sign-on (SSO)
  3. Application management
  4. Device management
5
Q

Define ‘Microsoft Entra Connect’

A

Method of synchronizing user identities and changes to identities between on-premises AD and Entra ID.

6
Q

Define ‘Microsoft Entra Domain Services’

A

A cloud-based DC; provides managed domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication.

7
Q

How can legacy applications leverage Microsoft Entra Domain Services?

A

Entra Domain Services lets you run legacy applications in the cloud that can’t use modern authentication methods.

8
Q

How is a Microsoft Entra Domain Service established?

A

By defining a unique namespace (domain name); a replica set of two DCs is deployed into your Azure region.

9
Q

Who manages the DCs that are a part of Microsoft Entra Domain Services?

A

The Azure platform manages, configures, updates, backs up, and encrypts the replica set.

10
Q

How is information synched in a managed domain?

A

Configured to perform a one-way synchronization from Microsoft Entra ID to Microsoft Entra Domain Services.

11
Q

How is information synched in a hybrid AD and Entra ID domain?

A

Microsoft Entra Connect synchronizes identity information with Microsoft Entra ID, which is then synchronized to the managed domain.

12
Q

How are applications, services, and VMs in Azure managed?

A

If they connect to a managed domain, they can use Microsoft Entra Domain Services.

13
Q

Define ‘Microsoft Entra multifactor authentication’

A

A Microsoft service that provides multifactor authentication capabilities.

14
Q

Define ‘passwordless authentication’

A

Replaces passwords with something you have, plus something you are, or something you know.

15
Q

How does passwordless authentication function?

A

Passwordless authentication needs to be set up on a device before it can work; the computer is registered to a user (something you have) and is tied to the user’s PIN/fingerprint (something you know/something you are).

16
Q

What 3 forms of passwordless authentication integrate with Entra ID?

A
  1. Windows Hello for Business
  2. Microsoft Authenticator app
  3. FIDO2 security keys
17
Q

What is the best use case for ‘Windows Hello for Business’?

A

Ideal for information workers that have their own designated Windows PC.

18
Q

How does ‘Windows Hello for Business’ function?

A

The biometric and PIN credentials are directly tied to the user’s PC, which prevents access from anyone other than the owner.

19
Q

How is Windows Hello for Business convenient for the end user?

A

Uses PKI and SSO to provide seamless access to on-premises and cloud resources.

20
Q

How can the Microsoft Authenticator app be used for passwordless authentication?

A

Sends a notification to the user’s phone; the user matches a number displayed on the screen to the one on their phone, then uses their biometric (touch or face) or PIN to confirm.

21
Q

Define an ‘external identity’

A

A person, device, service, etc. that is outside your organization.

22
Q

What are the 3 ways external identities are leveraged?

A
  1. B2B collaboration
  2. B2B direct connect
  3. Microsoft Azure Active Directory business to customer (B2C)
23
Q

How do external identities function in B2B collaboration?

A

External users are able to sign in and identify with your cloud applications; B2B collaboration users are typically represented in your directory as guest users.

24
Q

How do external identities function in B2B direct connect?

A

Establish a mutual, two-way trust with another Microsoft Entra organization for seamless collaboration in Microsoft Teams Channels allowing access to resources.

25
Q

How do external identities function in Microsoft Azure Active Directory business to customer (B2C)?

A

SaaS apps or custom-developed apps that use Azure AD B2C for identity and access management.

26
Q

Define the purpose of ‘Microsoft Defender for Cloud’

A

A monitoring tool for security posture management and threat protection.

27
Q

Define the function of ‘Microsoft Defender for Cloud’

A

Provides the tools needed to harden your resources, track your security posture, protect against cyber attacks, and streamline security management.

28
Q

How is Microsoft Defender for Cloud implemented?

A

Natively integrated into Azure.

29
Q

How can Microsoft Defender for Cloud be extended to hybrid and multi-cloud environments?

A

Azure Arc.

30
Q

What native Azure services/applications can be protected by Microsoft Defender for Cloud?

A

Azure PaaS services, Azure data (SQL) services, and Networks/VMs.