Identity, Access and Security Flashcards

1
Q

What’s the difference between Authentication and Authorization?

A

Authentication = verifying the identity of a user or system (who you are)

Authorization = granting a verified identity permission to act on a resource (what you may do)

2
Q

What is Azure Active Directory (Azure AD)?

A

Azure's cloud-based identity and access management service; the cloud counterpart of on-premises Active Directory.

3
Q

What is an Azure AD tenant?

A

An instance of Azure AD representing an organization with distinct identities and settings.

4
Q

What is Single sign-on (SSO)?

A

Signing in to multiple independent software systems with a single set of credentials, managed by Azure AD.

5
Q

What is Multi-Factor Authentication? What are the 3 factor types?

A

Combining two or more independent methods of authentication.

Classic credentials plus one or more additional factors:

…something that we know (passwords, security questions)
…something that we have (trusted device)
…something that we are (biometrics)

6
Q

What are 3 passwordless options in Azure AD?

A

Windows Hello for Business = face recognition or a 4-digit PIN on the user's device

Microsoft Authenticator app = app on the user's phone, unlocked with a PIN or biometrics

FIDO2 security key = open standard for passwordless authentication with an external device (hardware key, fingerprint reader, etc.)

7
Q

What is RBAC?

A

Role-based Access Control

Access management model that assigns access for users or groups to resources by answering three questions:

Who? (User, Group, Admin)
What? (Owner, Reader, Data operator, custom roles)
What scope? (Management group, Subscription, Resource Group, Resource)

8
Q

What is Zero Trust and what are its principles?

A

Modern security concept with the following principles:

Assume breach (encryption, segmentation, analytics, threat detection, continuous monitoring, updates)
Use least privilege access (just enough access, just in time)
Verify explicitly (use all available data points and every opportunity to authenticate and authorize)

“Assume breach, never trust, always verify”

9
Q

What are the 7 layers of defense in depth?

A
  1. Physical (building, data center access)
  2. Identity & Access (Azure AD, SSO, MFA)
  3. Perimeter (DDoS protection, firewalls)
  4. Network (limited communication between resources)
  5. Compute (secure access to VMs)
  6. Application (secure app design without vulnerabilities)
  7. Data (secure storage, encryption)
10
Q

What is Security posture?

A

A continuously assessed security score that reflects the organization's current security state.
