Identity, access and security Flashcards
1
Q
Azure directory services
A
- Entra ID is a service that enables sign in and access to MS cloud applications and custom cloud applications.
- For on-prem, Active Directory running in Windows provides identity and access management
- Entra ID can be connected to AD to assist in maintaining the AD deployment, and add extra features such as sign-in monitoring
2
Q
Entra ID users
A
- IT admins: control access to applications and resources
- App developers: add standard functionality to applications such as SSO or working with existing user credentials
- Users: manage their identities, self-service password reset
- Online service subscribers: users of 365, Office 365, Azure and MS CRM are already using Entra ID to authenticate
3
Q
What does Entra ID do?
A
- Authentication: verifying identity to access applications, password management, MFA, banned passwords, smart lockout etc.
- SSO: remember only one username and one password to access multiple applications
- Application management: features such as Application Proxy, SaaS apps, single sign-on etc.
- Device management: registration of devices, which enables features such as device-based Conditional Access
4
Q
Connecting On-prem AD with Entra ID
A
Connecting on-prem AD with cloud-based Entra ID precludes the need to maintain two separate identity sets.
MS Entra Connect can synchronise user identities between on-prem AD and Entra ID.
5
Q
What is Microsoft Entra Domain Services?
A
- A service that provides managed domain services such as domain join, group policy, Lightweight Directory Access Protocol (LDAP) and Kerberos/NTLM authentication.
- Lets customers run legacy applications in the cloud that can't use modern authentication methods.
- Customer defines a unique namespace, which becomes the domain name. Two Windows Server domain controllers are then deployed to the selected Azure region, and Azure handles the management, configuration and updating of the domain controllers.
6
Q
Azure authentication
A
- Authentication is the process of establishing the identity of a person, service or device, which is required to provide some type of credential to prove who or what it is.
- Azure supports multiple authentication methods:
  - Standard passwords
  - Single sign-on (SSO)
  - Multifactor authentication (MFA)
  - Passwordless
7
Q
Single sign-on (SSO)
A
- Enables a user to sign in one time and use that credential to access multiple resources and applications from multiple providers. Those applications/providers must trust the initial authenticator.
- With SSO, the user only has to remember one ID and one password. Multiple IDs and passwords place strain on the user to remember them and on IT help desks to support them, and present a greater security risk.
- As users change roles or leave an organisation, access is tied to only one identity, which reduces effort for both users and administrators.