Manage & Protect Flashcards
What does Windows Defender ATP stand for?
Windows Defender Advanced Threat Protection
Where are two places you can get Windows Defender ATP?
Windows 10 Enterprise/Education E5 Subsciption
Part of Microsoft Threat Protection
Can you find the Security portal in Azure?
Yes
Six features of Windows Defender ATP?
Threat Vulnerability
-Constantly looking at your system for vulnerabilities
Attack Surface Reduction
-Example by not running services Organisation does not need
Endpoint Detection
Automated Remediation
-Attack is detected and ATP takes steps to eradicate
Secure Score
-x/100. Represents how secure your Infrastructure is overall
APIs
-Makes it easy to implement in your existing security workflows
What does Credential Guard do?
Virtualizes security of credentials, meaning the credential is separated from the OS
Requirements of Credential Guard
Virtulization
-64 Bit Cpu
Secure Boot
TMP 1.2 or 2.0
UEFI Lock
What are 3 ways you can configure Credential Guard?
Group Policy
Registry
Hardware Readiness Tool
4 Components for Exploit Guard?
Exploit Protection
Attack Surface Reduction Rules
Network protection
Controlled folder access
Do all 4 of the Exploit Guard rely on Windows Defender Antivirus? (Real Time protection)
Yes
Where can you locate the Virus Real Time protection settings?
Settings -> Updates & Security -> Windows Security -> Virus & Threat Protection settings
Can you use an Evaluation Tool for Exploit Guard to see if it is right for your environment?
Yes through scrips provided by Microsoft, an audit mode and a Windows defender Test Ground
What does Application Control Limit?
Apps
Scripts including Powershell
MSIs
Two ways to configure Windows Defender Application Control?
Group Policy
Intune
What are the 2 components of the retired Windows Defender Device Guard?
Windows Defender Exploit Guard
Windows Defender Application Control
What does the Windows Defender Application Guard protect within?
IE
Edge
How do you turn on Windows Defender Application Guard?
Windows Feature on and Off
If you upload On Prem AD to the cloud, does it become Azure AD?
No, when you upload On Prem AD it just stays in the cloud and acts as infrastructure as a service and receive the benefits of the cloud things.
Does Hybrid AD join Azure AD?
Yes
What is an Azure Tenant?
Your instance of Azure AD when you sign up for the Cloud
What is a Single Tenant?
You only access resources in your oganization
What is a Multi Tenant?
You access resources across organizations
What is an Azure AD Acct?
Identity stored in Azure AD; Work or School account
What is a Custom Domain?
Domain other than onmicrosoft.com
What is an Acct Admin?
Billing owner of the subscription (classic)
What is a Service Admin?
Manage all resources (classic)
What is an Owner?
Manage all resources (RBAC)
What is an Azure AD Global Admin?
Persons who created the Azure ad Tenant
What is a MSA?
Microsoft Account
What is a directory role?
A role within Azure such as admin roles and permissions
What do you get as part of the Azure AD Free License?
User & Group Management
On Prem directory sync
Basic Reports
SS0 - Azure, O365, SaaS
What do you get as part of the Azure AD Basic License?
All of Azure AD Free
Cloud-Centric app access
Azure AD Application Proxy
What do you get as part of the Azure AD Premium P1?
Hybrid users for On-Prem and cloud resource access
Advanced administration
What do you get as part of the Azure AD Premium P2?
Azure Directory Identity Protection
Privileged Identity Management (control what Admins can do)
What do you get as part of the “Pay as you go”
Pay as you go…
Azure AD Business to client