Identity and Governance Flashcards by Skip Miller

What role is required to create new cloud-only users in Azure AD using the CLI?

Global Administrator or User Administrator.

How well did you know this?

Not at all

Perfectly

Can a group in Azure AD contain service principals?

Yes.

How well did you know this?

Not at all

Perfectly

What license is required to create a dynamic group in Azure AD?

Premium AD license.

How well did you know this?

Not at all

Perfectly

What role must you be assigned to enable or disable devices in Azure AD?

Global Administrator.

How well did you know this?

Not at all

Perfectly

What happens when a device is disabled in Azure AD?

It prevents the device from accessing Azure AD resources.

How well did you know this?

Not at all

Perfectly

Who can invite guests to Azure AD by default?

All users and admins.

How well did you know this?

Not at all

Perfectly

Which option should be used for personal devices in Azure AD?

Device registration.

How well did you know this?

Not at all

Perfectly

Which option should be used for corporate-owned devices in Azure AD?

Device joining.

How well did you know this?

Not at all

Perfectly

Which option should be used for devices that are joined to on-premises Active Directory and Azure AD?

Hybrid AD joined.

How well did you know this?

Not at all

Perfectly

What editions of Azure AD include password change for cloud-only users?

All editions.

How well did you know this?

Not at all

Perfectly

What editions of Azure AD support password reset for cloud-only users?

Microsoft 365 Business Standard, Microsoft 365 Business Premium, Azure AD Premium P1, Azure AD Premium P2.

How well did you know this?

Not at all

Perfectly

What editions of Azure AD support password change/unlock/reset for hybrid users?

Microsoft 365 Business Premium, Azure AD Premium P1, Azure AD Premium P2.

How well did you know this?

Not at all

Perfectly

What is the difference between RBAC roles and Azure AD administrative roles?

RBAC roles manage access to Azure resources; Azure AD roles manage identity tasks.

How well did you know this?

Not at all

Perfectly

What permission is required to create a custom role in Azure?

Microsoft.Authorization/roleDefinitions/write permission.

How well did you know this?

Not at all

Perfectly

How are deny assignments created in Azure IAM blades?

By applying a resource lock through Azure Blueprints.

How well did you know this?

Not at all

Perfectly

What is the purpose of a CanNotDelete lock in Azure?

It prevents the deletion of a resource.

How well did you know this?

Not at all

Perfectly

What is the purpose of a ReadOnly lock in Azure?

It prevents users from modifying a resource.

How well did you know this?

Not at all

Perfectly

Can resource locks be applied to a subscription?

Yes.

How well did you know this?

Not at all

Perfectly

Are resource locks inherited by child resources in Azure?

Yes.

How well did you know this?

Not at all

Perfectly

What is required for tags to be visible in detailed usage exports in Azure?

Tags must be applied at the resource scope.

How well did you know this?

Not at all

Perfectly

Can a resource group be nested within another resource group in Azure?

No.

How well did you know this?

Not at all

Perfectly

Can a resource be moved from one resource group to another in Azure?

Yes.

How well did you know this?

Not at all

Perfectly

What must be true for subscriptions to move resources between them?

Both subscriptions must be associated with the same Azure AD tenant.

How well did you know this?

Not at all

Perfectly

What happens to resources during a move operation in Azure?

They are locked, blocking write and delete operations, but the underlying service continues to function.

How well did you know this?

Not at all

Perfectly

What is required to move a subscription to a new Azure AD tenant?

Transfer ownership of the subscription to another account.

What is the maximum number of custom roles per directory in Azure AD?

5,000 custom roles.

What is the maximum number of role assignments per subscription in Azure AD?

2,000 role assignments.

What is the maximum number of role assignments per management group in Azure AD?

500 role assignments.

What is the limit for the maximum number of objects synchronized using Azure AD Connect?

50,000 objects by default.

How many NSG rules can you have per NSG in Azure?

1,000 NSG rules.

What is the maximum number of private endpoints per VNet in Azure?

1,000 private endpoints.

What is the maximum number of storage accounts per region per subscription in Azure?

250 storage accounts.

What is the maximum size of a file in Azure Files?

1 TiB.

What is the maximum number of keys per Azure Key Vault?

4,096 keys.

What is the maximum number of secrets per Azure Key Vault?

10,000 secrets.

What is the maximum number of certificates per Azure Key Vault?

2,000 certificates.

What are the three types of blobs in Azure Blob Storage?

Block Blobs, Page Blobs, Append Blobs.

What are the three access tiers in Azure Blob Storage?

Hot, Cool, Archive.

What is the maximum size of a block blob in Azure?

190.7 TiB.

What is the maximum size of a page blob in Azure?

8 TiB.

What is the maximum size of an append blob in Azure?

195 GB.

What are the performance tiers for Azure Blob Storage?

Hot, Cool, Archive.

What is the maximum retention period for soft delete in Azure Blob Storage?

365 days.

What are the access levels for Azure Blob Storage containers?

Private, Blob, Container.

What is the maximum number of diagnostic settings per resource in Azure Monitor?

10 diagnostic settings.

What is the maximum number of metrics per subscription in Azure Monitor?

500,000 metrics.

What is the maximum number of metric alerts per subscription in Azure Monitor?

5,000 metric alerts.

What is the maximum number of action groups per subscription in Azure Monitor?

2,000 action groups.

What is the maximum number of activity log alerts per subscription in Azure Monitor?

1,000 activity log alerts.

What is the maximum number of application insights resources per subscription in Azure?

1,000 application insights resources.

What is the maximum number of Azure Monitor workbooks per subscription?

500 workbooks.

What is the maximum number of alerts per subscription in Azure Security Center?

1,000 alerts.

What is the maximum number of Azure Security Center policies per subscription?

100 policies.

What is the maximum number of recommendations per subscription in Azure Security Center?

1,000 recommendations.

What is the maximum number of assessments per subscription in Azure Security Center?

100 assessments.

What is the maximum number of Azure Blueprints per subscription?

200 blueprints.

What is the maximum number of blueprint assignments per subscription?

400 blueprint assignments.

What is the maximum number of Azure Resource Manager (ARM) templates per subscription?

1,000 ARM templates.

What is the maximum number of ARM template deployments per subscription?

800 deployments.

What is the maximum size of an ARM template parameter file?

4 MB.

What is the maximum number of Azure Key Vaults per subscription?

500 key vaults.

What is the maximum number of Key Vault access policies per key vault?

1,024 access policies.

What is the maximum number of Azure Policy definitions per subscription?

1,000 policy definitions.

What is the maximum number of Azure Policy assignments per subscription?

500 policy assignments.

What is the maximum number of Azure Policy initiatives per subscription?

100 initiatives.

What is the maximum number of Azure Policy parameters per policy definition?

20 parameters.

What is the maximum number of Azure Policy non-compliant resources per subscription?

10,000 non-compliant resources.

What is the maximum number of Azure Policy compliance reports per subscription?

1,000 compliance reports.

What is the maximum number of Azure Service Health alerts per subscription?

500 alerts.

What is the maximum number of Azure Service Health action groups per subscription?

200 action groups.

What is the maximum number of Azure Advisor recommendations per subscription?

1,000 recommendations.

What is the maximum number of Azure Advisor action groups per subscription?

100 action groups.

What is the maximum number of virtual machine scale sets (VMSS) per subscription?

2,000 VMSS.

What is the maximum number of instances per VMSS?

1,000 instances.

What is the maximum number of tags per resource in Azure?

50 tags.

What is the maximum number of virtual networks (VNets) per region per subscription?

500 VNets.

What is the maximum number of subnets per VNet in Azure?

3,000 subnets.

What is the maximum number of IP configurations per network interface in Azure?

50 IP configurations.

What is the maximum number of private IP addresses per subscription in Azure?

10,000 private IP addresses.

What is the maximum number of public IP addresses per subscription in Azure?

1,000 public IP addresses.

What is the maximum number of route tables per subscription in Azure?

400 route tables.

What is the maximum number of user-defined routes per route table in Azure?

400 user-defined routes.

What is the maximum number of VNets per subscription in Azure?

1,000 VNets.

What is the maximum number of public IP prefixes per subscription in Azure?

100 public IP prefixes.

What is the maximum number of virtual network gateways per subscription in Azure?

50 virtual network gateways.

What is the maximum number of VPN connections per virtual network gateway in Azure?

30 VPN connections.

What is the maximum number of VPN gateways per subscription in Azure?

50 VPN gateways.

What is the maximum number of Azure AD B2C tenants per subscription?

1,000 B2C tenants.

What is the maximum number of Azure AD B2B guest users per tenant?

5 million guest users.

What is the maximum number of Azure AD B2C users per tenant?

100 million B2C users.