Implement and Manage External Identities Flashcards

1
Q

What makes it possible for you to allow people outside your organization to access internal resources?

A

Azure AD External Identities

2
Q

What does Azure AD External Identities focus on?
A. User’s Relationship to your Organization
B. How User wants to Sign In

A

B. How the user wants to sign in.

3
Q

By default, who invites external users?

A

Everyone

4
Q

Levels of ___________

  • Turn off invitations
  • Only admins and users in the Guest Inviter role can invite
  • Admins, the Guest Inviter role, and members can invite
  • All users, including guests, can invite
A

Azure AD B2B Invitation Policies

5
Q

What 3 actions are required for self-service app management or SAML-based apps?

A
  1. Enable self-service group management for your tenant.
  2. Create a group to assign to the app and make the user an owner.
  3. Configure the app for self-service and assign the group to the app.
6
Q

How can a bulk list of external users be added to Azure AD?

A

Upload a CSV file

7
Q

PIM

A

Privileged Identity Management

8
Q

Describe the 4 States of Azure AD B2B accounts.

A

State 1: Homed in an external instance of Azure AD and represented as a guest user in the inviting organization. In this case, the B2B user signs in by using an Azure AD account that belongs to the invited tenant.

State 2: Homed in a Microsoft or other account and represented as a guest user in the host organization.

State 3: Homed in the host organization’s on-premises Active Directory and synced with the host organization’s Azure AD.

State 4: Homed in the host organization’s Azure AD with UserType = Guest and credentials that the host organization manages.

9
Q

What is the default source of a new Guest User?

A

Invited User

10
Q

When does the user account source update from Invited User?

A

When the external user accepts the invitation

11
Q

What user property indicates the user’s relationship to the host tenancy?

A

UserType

  • Member
  • Guest
12
Q

What user property indicates how the user signs in?

A

Source

  • Invited User
  • External Azure AD
  • Microsoft Account
  • Windows Server AD
  • Azure AD
13
Q

True or False:

UserType has a dynamic relationship to Source.

A

False

14
Q

SAML

A

Security Assertion Markup Language

15
Q

What two protocols facilitate direct federation with another organization’s identity provider?

A
  1. SAML 2.0
  2. WS-Fed

16
Q

Can you use direct federation with a domain that is DNS-verified in Azure AD?

A

No

17
Q

Can Google federation be used with G Suite domains?

A

No

18
Q

If you remove direct federation and the external users’ access, how do you re-enable their access?

A

Rebuild the direct federation along with the affected user profiles.

19
Q

How do you connect Facebook as an identity provider?

A

Self-service sign up or user flow

20
Q

Users assigned limited administrator directory roles can use the Azure portal to invite B2B collaboration users. You can invite B2B collaboration users to a directory or to a group. What else can B2B collaboration users be invited to?

A

An application.

21
Q

Azure AD B2B can be configured to federate with identity providers that use either of two protocols. One protocol is Security Assertion Markup Language (SAML); what is the other protocol?

A

WS-Federation (WS-Fed)

22
Q

What are dynamic groups?

A

Dynamic groups are security groups whose memberships are based on user attributes (such as userType, department, or country/region).