Implementing Azure Active Directory Privileged Identity Management Flashcards
What is Azure Active Directory Privileged Identity Management (PIM)?
Azure Active Directory Privileged Identity Management (PIM) is an Azure offering that allows you to manage and control access to resources within Azure and Azure AD, as well as other services such as Intune and Office 365.
What license is required for users to interact with Privileged Identity Management?
Users require a valid Azure AD Premium P2 license or an Enterprise Mobility + Security E5 license to interact with Privileged Identity Management.
What can organizations see and manage with Azure AD Privileged Identity Management?
Organizations can see which users are assigned privileged roles for managing Azure resources and administrative roles within Azure Active Directory. They can also enable on-demand or just-in-time administrative access and view a history of administrator activation and changes.
What features does Azure AD Privileged Identity Management offer?
Azure AD Privileged Identity Management offers features such as approval workflows for activating privileged admin roles, reviewing membership of administrative roles, requiring justifications for ongoing membership, and configuring alerts for administrator role changes.
What roles can be managed with Azure AD Privileged Identity Management?
Azure AD Privileged Identity Management can manage users assigned to built-in Azure AD roles (e.g., global admin) and users and groups assigned via Azure RBAC roles (e.g., owner and contributor roles).
