Implement Azure Active Directory Flashcards

1
Q

What tool is used to sync on-prem Active Directory to Azure Active Directory?

A

Azure Active Directory Synchronization Services (AAD Sync)

2
Q

If you don't want passwords syncing to Azure AD and want a single sign-on experience, what can you do/use?

A

Use a security token service (STS) or Active Directory Federation Service (AD FS) on-prem for authentication.

3
Q

What is the default domain for an Azure subscription?

A

*.onmicrosoft.com

4
Q

What 2 types of records can you use with your domain name registrar to verify you own the domain you are trying to add to your Azure subscription?

A

TXT (preferred) or MX records

5
Q

What is Cloud App Discovery?

A

A service you can use to discover cloud applications being used from within your organization, leveraging an endpoint agent installed on the individual machines.

6
Q

What are the two modes Azure Active Directory supports for single sign-on?

A

Federation-based and password-based

7
Q

What is the URL where users can access the Access Panel?

A

https://myapps.microsoft.com

8
Q

What is the Graph API used for?

A

The Graph API is used by applications to create, read, update, or delete directory objects in Azure Active Directory. An application must be configured for either the Read Directory Data or Read And Write Directory Data permissions to use the Graph API.

9
Q

What 2 security token formats does Azure Active Directory support?

A

SAML and JWT

10
Q

True/False: The oauth2Permissions array node in a web service application’s manifest can be edited to allow the web service to be accessed from other applications registered in the directory, such as web applications or native applications?

A

True. Also, it's JSON.

11
Q

Which protocols does Azure Active Directory provide application endpoints for?

A

1. WS-Federation
2. SAML-P
3. OAuth 2.0
12
Q

The URL for a tenant-specific endpoint of SAML tokens?

A

https://sts.windows.net/

13
Q

The URL for an application endpoint used to sign in and sign out users using the SAML-P protocol?

A

https://login.windows.net//saml2

14
Q

The URL for an application endpoint used to sign in and sign out users using the WS-Federation protocol?

A

https://login.windows.net//wsfed

15
Q

A developer building a web application for your organization needs the certificate that your Azure Active Directory uses to sign SAML tokens. Which application endpoint should you provide the developer?

A

The federation metadata document endpoint points to the metadata document for the Azure Active Directory, which contains the certificate used to sign SAML tokens.
