Describe the identity protection and governance capabilities of Azure AD Flashcards

1
Q

Describe Microsoft Entra ID Governance

A

Microsoft Entra ID Governance gives organizations the ability to do the following tasks:
-Govern the identity lifecycle.
-Govern the access lifecycle.
-Secure privileged access for administration.

It is intended to help organizations address these four key questions:
-Which users should have access to which resources?
-What are those users doing with that access?
-Are there effective organizational controls for managing access?
-Can auditors verify that the controls are working?

2
Q

Define Identity Lifecycle - Microsoft Entra ID Governance

A

Many organizations model the identity lifecycle as a "join, move, and leave" process:
Join - a user joins the company, and an identity (and its role assignments) will need to be created.
Move - a user changes roles, and their access will need to be modified.
Leave - a user leaves the company, and their identity or access may need to be removed.

3
Q

Define Access Lifecycle - Microsoft Entra ID Governance

A

It is the process of managing access throughout the user's organizational life. Organizations can automate the access lifecycle process by creating dynamic groups, so that membership (and the access it grants) follows user attributes rather than manual assignment.

4
Q

Define Privileged access lifecycle - Microsoft Entra ID Governance

A

Microsoft Entra Privileged Identity Management (PIM) provides extra controls tailored to securing access rights.

5
Q

Describe access reviews

A

Microsoft Entra access reviews enable organizations to efficiently manage group memberships, access to applications, and role assignments by regularly confirming that users still need the access they hold.

Some use cases:
-Too many users in privileged roles.
-Business-critical data access - ask people regularly to justify why they need access.
-To maintain a policy's exception list that is checked regularly.
-Ask group owners to confirm they still need guests in their groups.
-Have reviews recur periodically.

6
Q

Define Multi-stage access reviews

A

Multi-stage access reviews support up to three review stages, in which multiple types of reviewers engage in determining who still needs access to company resources.

7
Q

Describe Entitlement Management

A

Entitlement management is an identity governance feature that enables organizations to manage the identity and access lifecycle at scale. It automates access request workflows, access assignments, reviews, and expiration.

8
Q

Describe Privileged Identity Management (PIM)

A

It is a service of Microsoft Entra ID that enables you to manage, control, and monitor access to important resources in your organization.

PIM is:
-Just-in-time, providing privileged access only when it is needed.
-Time-bound, by assigning start and end dates that indicate when a user can access resources.
-Approval-based, requiring specific approval to activate privileges.
-Auditable, allowing a full access history.

PIM reduces the chance of malicious actors getting access by minimizing the number of people who have standing access to secure information.

9
Q

What can you do with PIM?

A

You can use PIM with:

-Microsoft Entra roles - these roles include built-in and custom roles to manage Microsoft Entra ID and other Microsoft 365 online services.
-Azure roles - the role-based access control (RBAC) roles in Azure grant access to management groups, subscriptions, resource groups, and resources.
-PIM for Groups - this feature can be used to govern access in various scenarios that include Microsoft Entra roles, Azure roles, as well as Azure SQL, Azure Key Vault, Intune, other app roles, and third-party apps.

10
Q

Describe Microsoft Entra ID Protection

A

Identity Protection is a tool that allows organizations to accomplish three key tasks:
-Automate the DETECTION and REMEDIATION of identity-based RISKS.
-INVESTIGATE RISKS using data in the portal.
-EXPORT RISK detection data to third-party utilities for further analysis.

1.) Detect risk - risk can be detected at the user and sign-in level, can be categorized as low, medium, or high, and may be calculated in real time or offline.
2.) Investigate risks - provides organizations with three reports (risky users, risky sign-ins, and risk detections).
3.) Remediate - organizations can enable automated remediation using their risk policies. For example, a policy can require the user to perform multifactor authentication; if it succeeds, the risk is automatically remediated.
4.) Export - data from these reports can be exported for archiving, further investigation, and correlation.

11
Q

Describe Microsoft Entra Permissions Management

A

Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) product that provides comprehensive visibility and control over permissions for any identity and any resource in Microsoft Azure, AWS, and Google Cloud Platform.

Reasons why Microsoft created this:
-Organizations have multiple cloud providers.
-The number of high-risk cloud permissions is exploding.
-Security teams are under increased pressure to keep things safe.
-The inconsistency between cloud providers makes permissions more complex to manage.

Permissions Management detects, automatically right-sizes (remediates), and continuously monitors unused and excessive permissions.

12
Q

Describe Microsoft Entra Verified ID

A

It is a managed verifiable credentials service based on open standards. Verified ID automates verification of identity credentials and enables privacy-protected interactions between organizations and users.
