Identity, Access and Security Flashcards

1
Q

What is Microsoft Entra and Microsoft Entra ID?

A
  • web version of Microsoft Active Directory
  • Identity management system
2
Q

What was Microsoft Entra called before?

A

Azure Active Directory

3
Q

How do Active Directory and Microsoft Entra compare?

A
  • lots of similarities, but they are not direct replacements for each other
  • Active Directory is designed to run on a server and controls lots of different objects
  • Microsoft Entra is cloud-focused; it still handles identity but is not a replacement
  • Active Directory protocols do not work over the internet
4
Q

How do you work with Entra?

A
  • you can use Entra APIs to integrate it into your application code and handle authentication and authorization
5
Q

Describe the Entra ID Model?

A
  • Client App -> redirects the user to the identity provider, where they log in directly
  • Identity Provider -> returns a token to the client to say "yes, this user is authenticated"
  • Server/Web Server -> receives the token from the client app for identification and can check with the identity provider to see if the token is valid
6
Q

What are the benefits of using Entra as your identity /authentication manager?

A
  • security: Microsoft is a world leader with Active Directory; multiple options to handle authentication needs
  • reduced development time + easier support: Microsoft offers its own support for Entra, and integration is only a few lines of code
  • additional features are available: AI can be used to check login patterns and recognize login threats; conditional access; audit features
  • centralized administration
  • single sign-on, tie-in with on-premises Active Directory
  • integrates with other Azure services
7
Q

What is Authentication?

A
  • user proving who they say they are
  • usually via user ID and password
8
Q

What is Authorization?

A
  • assumes you are who you say you are
  • ensures that a user is permitted to perform an action
9
Q

What is the Entra function : Conditional Access and what does it consider?

A
  • not all attempts to log into a system are equally safe
  • attempts to rank certain attributes across a spectrum as being normal and routine to being highly suspicious and unexpected
  • additional steps for verification should be taken at the higher end
  • you can configure how risky a login you allow
10
Q

What signals does Conditional Access of Entra ID use?

A
  • User and location
  • device (brand new, personal, company, …)
  • application being logged into
  • real-time risk
11
Q

What are the steps of Conditional Access of Entra Id?

A
  1. Signals to consider
  2. Verification of every access attempt
  3. Access to Apps and data
12
Q

What options exist in Conditional Access in Entra Id to verify every access attempt?

A
  1. Allow Access
  2. Require MFA
  3. Block access
13
Q

What are Factors in Multi-Factor Authentication?

A
  • Something you know
  • Something you have
  • Something you are
14
Q

What are examples for the factors in MFA?

A
  • Know: Password
  • Have: Smartphone (SMS, authentication app)
  • Are: Fingerprint, face scan
15
Q

Describe the “Passwordless” alternative to MFA

A
  • using gestures to login, like swiping a symbol
  • using a PIN or biometric recognition (iris, face, fingerprint)
  • all the data is kept on the device
16
Q

Describe Role-based Access control

A
  • Microsoft's preferred solution for authorization
  • hundreds of built-in roles in Entra
  • possibility of custom roles
  • distinction between administering Entra itself and administering the roles and custom roles for applications you are developing
17
Q

Name an example for a role

A

Developer role with all rights to create apps, restart apps, scale services, create directories, …

18
Q

What is the Principle of Least Privilege?

A
  • everyone only has the rights/privileges to do what they need to do
  • you try to get granular with the assignments
19
Q

How do you deal with extra permissions in addition to roles?

A
  • not advised to do so
  • try to avoid unexpected exceptions with special privileges for certain users
20
Q

What roles are very common in Entra Id?

A
  • Reader
  • Contributor
  • Owner
21
Q

What are Owner-level permissions?

A
  • full access to that particular resource
  • and also allow to assign permissions to users
22
Q

What are Contributor-level permissions?

A
  • full access to a resource
  • but you cannot share that permission with anybody else
23
Q

What are Reader-level permissions?

A
  • Read-only permissions
24
Q

What is the Zero-Trust Model of Security?

A
  • you can’t trust any connection or request regardless of where it comes from
  • you’re going to force every request to include proof of who is making it
25
Q

What are the zero trust principles within Microsoft?

A

  1. Verify explicitly (instead of verifying a token once and making it usable for the rest of the day, verify more intensely)
  2. Principle of Least Privilege (tone down who has access to what)
  3. Assume breach - think there is already a breach happening; redesign how applications talk to each other and how data gets stored within network drives, databases, etc.

26
Q

Name example ways of verifying identity

A
  • user ID + password
  • include other things like IP addresses, geographic location, same device
  • add additional elements
27
Q

What is Just-in-Time access?

A
  • elevation of privilege for just a short period of time
  • like 30 or 60 min
  • afterwards the elevated privilege is removed again
28
Q

What does the Zero-Trust approach mean for network security?

A
  • security inside network needs to exist
  • utilizing encryption so that applications inside the network communicate over an encrypted HTTPS-type channel
  • network segmentation to reduce access to physical networks to users who need it
  • threat detection
29
Q

What is included in Threat Intelligence? And what does it enable?

A
  • analytics
  • automation
  • monitoring

Enables you to see who accesses what, using which device

30
Q

What is the Concept of Defense in Depth?

A
  • You are way more secure the more defense you have in place
  • use multiple security layers
31
Q

Name a few examples of Defense in Depth

A
  • Data - e.g. virtual network endpoint
  • Application - API management
  • Compute - Windows Update
  • Network - NSG, use of subnets, deny by default
  • Perimeter - e.g. DDoS protection, firewalls
  • Identity & access - Entra ID
  • Physical - Door locks and key cards
32
Q

What is the Concept Microsoft Defender for Cloud?

A
  • paid service for security in Azure
  • based on the services, production infrastructure you get several security products to enhance security on them
  • 30 day free trial
  • also includes governance, anti-virus, …
33
Q

Which Azure Service provides network traffic filtering across multiple subscriptions and virtual networks?

A
  • Azure Firewall
  • managed, cloud-based network security service
  • that protects your Azure Virtual Network Resources
  • stateful firewall as a service with built-in high availability and unrestricted cloud scalability
34
Q
A