Identity, Access and Security Flashcards
What’s the difference between Authentication and Authorization?
Authentication = verification of identity
Authorization = granting permission
What is Azure Active Directory (Azure AD)?
Azure’s identity and access management service. Cloud version of Active Directory.
What is an Azure AD tenant?
An instance of Azure AD representing an organization with distinct identities and settings.
What is Single sign-on (SSO)?
Signing in to multiple independent software systems with only one set of credentials managed by Azure AD.
What is Multi-Factor Authentication? What 3 types are known?
Combining two or more methods of authentication.
Classic credentials plus…
…something that we know (passwords, questions)
…something that we have (trusted device)
…something that we are (biometrics)
What are 3 passwordless options in Azure AD?
Windows Hello for Business = face recognition, 4-digit PIN
Microsoft Authenticator app = app on user’s phone, PIN or biometrics
FIDO2 Security Key = open standard for passwordless devices like fingerprints, etc.
What is RBAC?
Role-based Access Control
Access management to configure access for users or groups to resources based on three questions:
Who? (User, Group, Admin)
What? (Owner, Reader, Data operator, custom roles)
What scope? (Management group, Subscription, Resource Group, Resource)
What is Zero trust and its principles?
Modern security concept with the following principles:
Assume breach (encryption, segmentation, analytics, threat detection, continuous monitoring, updates)
Use least privilege access (just enough)
Verify explicitly (use all data points and every opportunity to authenticate and authorize)
“Assume breach, never trust, always verify”
What are the 7 layers of defense-in-depth security?
- Physical (building)
- Identity & Access (Azure AD, SSO, MFA)
- Perimeter (DDoS protection, FWs)
- Network (limited communication between resources)
- Compute (secure access to VMs)
- Application (secure app design without vulnerabilities)
- Data (secure storage, encryption)
What is Security posture?
Security score that continuously assesses our security situation