Manage User Authentication Flashcards
Name 3 Passwordless authentication methods for Microsoft 365.
- Windows Hello
- Microsoft Authenticator
- FIDO2 Security Key
FIDO2
Fast Identity Online
How does FIDO2authentication typically work?
USB device with security key (also Bluethooth or NFC)
Benefits of ______________
- unphishable
- passwordless
- external security key
FIDO
What is the earliest version of WIndows that supports FIDO?
Windows 10, 1903
Problems fixed by ________
- Strong passwords are hard to remember
- Server breaches can expose passwords
- Passwords are subject to replay attacks
- Phishing attacks compromise passwords
Windows Hello
What version of TPM is required to generate a key in software?
2.0
What two security groups are required to deploy Windows Hello for Business?
- KeyCredential Admins
2. Windows Hello for Business Users
What does the initialism TPM stand for?
Trusted Platform Module
What is the primary purpose of a TPM?
Securely stores keys and measures the integrity of a system.
What is the weakness of TPM that attackers exploit?
The information in-transit between the CPU and TPM
What is the improvement provided by the Pluton architecture?
The TPM is emulated directly on the CPU keeping the information from being in-transit.
What are the two biggest benefits of SSPR?
- Users can reset their own password.
2. No IT intervention
What allows you to control access to SaaS cloud applications based on the authenticating Azure AD tenant?
Tenant restrictions
What two high level steps are needed to enable tenant restrictions?
- Ensure clients can connect to addresses.
2. Configure proxy infrastructure