MS-900 Flashcards

1
Q

Microsoft Graph

A

gateway to data for m365

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

M365 is new term,

A

M365 is new term, since it’s more than just office. (security and online services). O365- came from Microsoft Business and Productivity Suite (BPOS)
M365 = O365 + Windows, and Enterprise Mobility + Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Microsoft Planner

A

is a light weight PM/Kanban board

For simple projects. Before ms project

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Microsoft Bookings

A

SAAS calendar management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Microsoft Viva

A

my.ge.com . Also includes Glint which is a feedback tool and priority setting. And a learning platform.
* Can get insights froM MS Teams and Email

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Microsoft Yammer

A

Enterprise social network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Microsoft Intune -

A

cloud based endpoint management (can also deploy office)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Configuration Manager

A

on premise management of desktops; can deploy office suite

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Co-management

A

connecting config manager to 365 to use conditional access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Tenant attached -

A

store your devise record in the cloud

Tenant attach makes the Microsoft Intune admin center your console in the cloud. The architecture allows the Configuration Manager site to synchronize data about the device and the user to your Intune tenant.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Windows Autopilot

A
  • cloud native services that set up devices
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Desktop as a Service

A

W365 Virtual Desktop verse Azure Virtual Desktop. W365 includes o365 and is fixed price. Azure more dev focused allowing for multi sessions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Windows as a service

A

Instead of major Windows releases every few years, it updates semi annually

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

M365 Admin

A

add users, manager 365, adoption scores and usage, other reporting on endpoints/secuirty etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Microsoft 365 Defender

A

View information about security trends and track the protection status of your identities, data, devices, apps, and infrastructure in the Security admin center through Microsoft 365 Defender.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Entra ID

A

FORMERLY AAD , AAD –> Azure ID –> ID Connect, Oauth 2, SAML WS fed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Tenant (or directory)-

A

a dedicated instance of Microsoft Entra ID that an organization or app developer receives at the beginning of a relationship with Microsoft.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

B2b Colab

A

just login, guest on your aad

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

B2B Direct Connect

A

a trust with login ability to share

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Managed Identities

A

Managed identities are a type of service principal that are automatically managed in Microsoft Entra ID and eliminate the need for developers to manage credentials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Service Principal

A

Service principals are used by applications or services to access Azure resources but application developers must manage and protect the credentials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Microsoft Entra RBAC

A

Microsoft Entra roles control access to Microsoft Entra resources such as users, groups, and applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Azure RBAC

A

Azure roles control access to Azure resources such as virtual machines or storage using Azure Resource Management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Types of ‘SECURE Login’

A
  • Oath provides one time passcodes
  • Fido2 new standard for USB badges blue tooth ‘hello’ capabialbies
  • SSPR - self service password reset
  • Multifator
    • Something you know – typically a password or PIN and
    • Something you have – such as a trusted device that’s not easily duplicated, like a phone or hardware key or
      Something you are – biometrics like a fingerprint or face scan.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

PIM

A

Privilege Identity Management - just in time super user access, audits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Identity Protection

A

is a tool that allows organizations to utilize security signals to identify potential threats.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Permissions Management

A

Permissions Management allows multicloud discovery, remediation, and monitoring of privileged access across Azure, AWS, and GCP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is the difference between Network Security Groups (NSGs) and Azure Firewall?

A

Now that you’ve learned about both Network Security Groups and Azure Firewall, you may be wondering how they differ, as they both protect Virtual Network resources. The Azure Firewall service complements network security group functionality. Together, they provide better “defense-in-depth” network security. Network security groups provide distributed network layer traffic filtering to limit traffic to resources within virtual networks in each subscription. Azure Firewall is a fully stateful, centralized network firewall as-a-service, which provides network and application-level protection across different subscriptions and virtual networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Microsoft Purview

A

Microsoft Purview compliance portal is the portal for organizations to manage their compliance needs using integrated solutions for information protection, data lifecycle management, insider risk management, auditing, and more

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What is the difference between Compliance Manager and compliance score?

A

Compliance Manager is an end-to-end solution in the Microsoft Purview compliance portal to enable admins to manage and track compliance activities. Compliance score is a calculation of the overall compliance posture across the organization. The compliance score is available through Compliance Manager.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Service Trust Portal (STP)

A

The Service Trust Portal (STP) is Microsoft’s public site for publishing audit reports and other compliance-related information associated with Microsoft’s cloud services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Priva Privacy Risk Management

A

Priva Privacy Risk Management, which provides visibility into your organization’s data and policy templates for reducing risks; and

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Priva Subject Rights Requests

A

which provides automation and workflow tools for fulfilling data requests.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Microsoft’s approach to privacy is built on the following six principles:

A
  • Control: Putting you, the customer, in control of your data and your privacy with easy-to-use tools and clear choices. Your data is your business, and you can access, modify, or delete it at any time. Microsoft will not use your data without your agreement, and when we have your agreement, we use your data to provide only the services you have chosen. Your control over your data is reinforced by Microsoft compliance with broadly applicable privacy laws and privacy standards.
    • Transparency: Being transparent about data collection and use so that everyone can make informed decisions. We only process your data based on your agreement and in accordance with the strict policies and procedures that we’ve contractually agreed to. When we deploy subcontractors or subprocessors to perform work that requires access to your data, they can perform only the functions that Microsoft has hired them to provide, and they’re bound by the same contractual privacy commitments that Microsoft makes to you. The Microsoft Online Services Subprocessor List identifies authorized, subprocessors, who have been audited against a stringent set of security and privacy requirements in advance. This document is available as one of the data protection resources in the Service Trust Portal.
    • Security: Protecting the data that’s entrusted to Microsoft by using strong security and encryption. With state-of-the-art encryption, Microsoft protects your data both at rest and in transit. Our encryption protocols erect barriers against unauthorized access to the data, including two or more independent encryption layers to protect against compromises of any one layer. All Microsoft-managed encryption keys are properly secured and offer the use of technologies such as Azure Key Vault to help you control access to passwords, encryption keys, and other secrets.
    • Strong legal protections: Respecting local privacy laws and fighting for legal protection of privacy as a fundamental human right. Microsoft defends your data through clearly defined and well-established response policies and processes, strong contractual commitments, and if necessary, the courts. We believe all government requests for your data should be directed to you. We don’t give any government direct or unfettered access to customer data. We will not disclose data to a government or law enforcement agency, except as you direct or where required by law. Microsoft scrutinizes all government demands to ensure they’re legally valid and appropriate. If Microsoft receives a request for your data, we’ll promptly notify you and provide a copy of the request unless legally prohibited from doing so. Moreover, we’ll direct the requesting party to seek the data directly from you. Our contractual commitments to our enterprise and public sector customers include defending your data, which builds on our existing protections. We’ll challenge every government request for commercial and public sector customer data where we can lawfully do so.
    • No content-based targeting: Not using email, chat, files, or other personal content to target advertising. We do not share your data with advertiser-supported services, nor do we mine it for any purposes like marketing research or advertising.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Sensitivity labels

A

Sensitivity labels enable you to apply to content like emails and documents, much like different stamps can be applied to physical documents. Instead, use sensitive information types to identify specific types of information such as credit card numbers. –>Microsoft provides built-in sensitive information types that you can use to identify data such as credit card numbers.​​

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Microsoft Purview Communication Compliance

A

Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance (for example, SEC or FINRA) and business conduct violations such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

eDiscovery (Premium)

A

The eDiscovery (Premium) solution allows you to collect and copy data into review sets, where you can filter, search, and tag content so you can identify and focus on content that’s most relevant.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Audit (Standard)

A

Audit (Standard) provides with you with the ability to log and search for audited activities and power your forensic, IT, compliance, and legal investigations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Microsoft 365 Business

A

Microsoft 365 Business is designed for companies with under 300 employees

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Symmetric

A

Symmetric is the same key encrypt and decrypt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Asymmetric

A

Asymmetric one can decrypt one to encrypt (a pair). If you send me a message, you encrypt with my public key and only I can decrypt with my private key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Viva Connections

A

Viva Connections - stay connecting with each other via SharePoint and Yammer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Viva Insights

A

Viva Insights - daily email of how to optimize you and your team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Viva Topics

A

Viva Topics - Knowledge Base/my.ge.com

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Viva Learning

A

Viva Learning - my Learning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

AD Connect

A

AD Connect –> Allow on prem items to use AAD (aka Entra)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Cloud Sync

A

Cloud Sync –> Sync local AD with AAD (aka Entra)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Configuration Manager

A

Configuration Manager - more focused on prem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Co-management

A

Co-management- use Intune and Config Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Windows Update for Biz

A

Windows Update for Biz Is really just Window Update

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Office Deployment Tool (ODT)

A

Office Deployment Tool (ODT) - is a command-line tool that you can use to download and deploy Click-to-Run versions of Office, such as Microsoft 365 Apps for enterprise, to your client computers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Office Portal

A

where users can go and download apps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

CIA

A

Confidentiality - protecting sensitive data
Integrity - don’t get compromised
Availability-

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Data Residency

A

Data Residency - where is the data physically located

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Data Sovereignty

A

Data Sovereignty - which countries law is the data subject two

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Microsoft 365

A

Microsoft 365 -
Microsoft 365 is available as a subscription-based service and provides Microsoft apps for employees to use online and offline.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

Zero Trust security principles for Microsoft 365.

A

Network-based protection relies on such components as internal segmentation and micro-segmentation. Granularity in apps-based protection is typically based on roles. Device-based protection relies on device risk and compliance state. Infrastructure-based protection relies on such components as just-in-time (JIT) and version control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Defender for Identity

A

Defender for Identity is a solution that uses the Active Directory data as signals to identify suspicious activities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Defender for Office 365

A

Defender for Office 365 protects against threats in email messages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Defender for Cloud Apps

A

Defender for Cloud Apps operates as an intermediary between the cloud user and cloud provider, mediating the requests sent to the cloud providers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Defender for Endpoint

A

Defender for Endpoint is used to protect devices (endpoints), integrating with Microsoft Intune, Defender for Cloud, and other services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Hunting

A

Hunting is part of the Microsoft 365 Defender portal that allows the security professionals to proactively search for undetected threats across the users’ devices and applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Incidents and alerts in the Microsoft 365 Defende

A

Incidents and alerts in the Microsoft 365 Defender portal represent detected potential threats.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Secure score in the Microsoft 365 Defender portal

A

Secure score in the Microsoft 365 Defender portal represents the company’s security posture.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Threat analytics in the Microsoft 365 Defender portal

A

Shows your threats and what you could do about them for YOUR environment

Threat analytics in the Microsoft 365 Defender portal provides the interface to identify threat intelligence information analyzed by Microsoft security researchers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

Enclaves

A

Enclaves use cryptography to create a secure lockbox that protects non-persistent data. MEMORY

Encryption at rest protects data stored at persistent storage such as disks and databases. Hashing converts text to an exclusive value with a fixed length. It is used to verify authenticity of files and store passwords. Private key is a component of public key infrastructure (PKI), used together with a public key. It is often used for encryption in transit such as for HTTPS.

67
Q

Federated authentication

A

Federated authentication is a recommended authentication for companies with complex requirements that cannot be met by Microsoft Entra ID. User authentication validation happens on the company’s Active Directory single sign-on (SSO) with smart cards or certificates, which is supported through federated authentication.

68
Q

Limitations of Password hash and passthrough

A

Password hash synchronization, pass-through authentication, and password less authentication do not support SSO with smart cards or certificates.

69
Q

Password hash

A

Password hash synchronization enables users to sign in to on-premises and cloud applications using the same password. This ensures that the user’s authentication takes place in Microsoft Entra ID rather than the company’s on-premises Active Directory.

70
Q

Pass-through authentication

A

Pass-through authentication enables users to sign in to on-premises and cloud applications using the same password. This authentication type validates the user’s password against the company’s on-premises Active Directory, not Microsoft Entra ID. Passwordless authentication is a more convenient way to authenticate because passwords are completely removed and replaced by something you have, something you are, or something you own.

71
Q

Defender for Office 365

A

The service to use for email messages

72
Q

Defender for Identity

A

protects against compromised identities and malicious actions.

73
Q

Defender for Endpoint

A

protects network endpoints such as compute devices.

Antivirus and more

74
Q

Defender for Cloud Apps

A

is a cross– software as a service (SaaS) solution that intermediates the cloud user and the cloud provider.

75
Q

Microsoft Priva

A

Microsoft Priva helps companies achieve their data privacy and GDPR goals. It provides two solutions that help to support this;

76
Q

Priva Privacy Risk Management

A

Priva Privacy Risk Management provides visibility into the company’s data and policy templates to reduce risks and

77
Q

Priva Subject Rights Requests

A

Priva Subject Rights Requests provides workflow tools for fulfilling data requests. S

78
Q

Secure Score

A

Secure Score is a tool that tracks the company’s security posture. Service Trust Portal does not provide tools that support data privacy and regulations requirements.

79
Q

Uptime Credits -

A
  • Below 99.9% grants 25% credit.
  • Below 99% grants 50% credit.
    Below 95% grants 100% credit.
80
Q

FastTrack support service

A

FastTrack support service helps customers onboard to Microsoft 365 and supports the company to drive adoption of Microsoft 365 services in the company.

81
Q

Pre-sales

A

Pre-sales is a support service provided to help the company with understanding more about Microsoft 365 services before the purchase is made.

82
Q

Community-based

A

Community-based support is a free support service provided by members of the community.

83
Q

Microsoft Unified

A

Microsoft Unified support is a 24/7 support service provided for your Microsoft 365 service for as-needed technical support.

84
Q

The Health area in the admin center

A

The Health area in the admin center is the place where information about the current health of Microsoft services can be found.

85
Q

The Support (admin center)

A

The Support (admin center) area can be useful for raising a support ticket with Microsoft if there is no indication of current service health issues.

86
Q

The Settings (admin center

A

The Settings (admin center) area displays information about the company’s domain setup.

87
Q

The Reports (admin center)

A

The Reports (admin center) area displays adoption score and usage reports. The Support area shows information about service requests created with Microsoft support.

88
Q

From SA USLs

A

From SA USLs are used by customers that currently have Software Assurance (agreement which entitles them to always run the latest software versions) to transition to the cloud.

89
Q

From SA USLs

A

From SA USLs are used by customers that currently have Software Assurance (agreement which entitles them to always run the latest software versions) to transition to the cloud.are used by companies without any contracts for Microsoft services.

90
Q

Add-on USLs

A

Add-on USLs are used by companies that already have on-premises based licenses and are looking to add cloud services to the contracts they currently have.

91
Q

Step up USLs

A

Step up USLs are used by customers wanting to change their service to a higher level.

92
Q

Planner

A

Simple project

Planner provides the team lead and team members the ability to manage tasks in a structured manner by creating a plan and buckets, for organizing assigned tasks.

93
Q

Tasks

A

Tasks can be displayed in different views such as Charts and Calendar.

Outlook based. Being replaced with todo

94
Q

To Do

A

To Do manages your to do list on a day-to-day basis.

95
Q

OneDrive

A

OneDrive is a cloud library for file storage and sharing. Bookings provides an easy way to manage the scheduling of appointments. To Do, OneDrive, and Bookings do not support task management.

96
Q

Forms

A

Forms provides the ability to create surveys, quizzes, and polls. To Do, Planner, and Forms do not provide the ability to manage virtual scheduling and appointments.

97
Q

Teams Live Event

A

Teams Live Event meets all the requirements as this supports an audience greater than 8,000, the moderation of questions and answers and the deactivation of video and audio calls for all attendees.

98
Q

Teams Private Channel Meeting

A

Teams Private Channel Meeting Teams Private Channel supports a maximum of 250 users and moderation of questions and answers.

99
Q

Viva connections

A

Team view of what is going on.

Viva connections provides a dashboard to access resources, view personalized tasks, communications, and news updates.

100
Q

Bookings

A

Bookings gives the ability to manage appointment scheduling for customers.

101
Q

Viva Topics

A

Reddit QA

Viva Topics provides employees access to knowledge and expertise from various Microsoft 365 resources.

102
Q

Teams screen limitations

A

The screen sharing capability is supported for up to 1,000 participants of a meeting. While meetings can accommodate up to 20,000 participants, the remaining participants have view-only capabilities.

103
Q

OneDrive

A

OneDrive is a tool for collaborating on files that allows offline access to files, offers desktop-based versions of the application

104
Q

SharePoint

A

SharePoint teams sites allow collaboration on documents and sharing with internal and external users. It also offers a desktop-based application but does not offer offline access.

105
Q

Microsoft Teams

A

Microsoft Teams is a collaboration tool intended for chatting, meetings, and calendar. Although you can store files on Teams sites, and there are desktop-based applications available, the files are not accessible while offline.

106
Q

Yammer

A

Yammer is a corporate social network. Content can be shared to internal and external users. It is available as a desktop-based app, but it does not offer offline file access.

107
Q

Types of Teams of Channels:

A

Standard channels are available to all team members in Teams. Most channels are standard channels. If you need a smaller, specific audience for a particular subject, you can use a private channel. Shared channels are for collaborating with people inside and outside your team or organization.

108
Q

Azure Victual Desktop vs Windows 365

A

Azure Virtual Desktop provides enhanced capabilities for Surface devices that not only deliver dedicated desktop compute resources to each individual user, but also integrate natively with Surface biometric authentication and support the pen and ink experience. Windows 365 Business and Windows 365 Enterprise do not integrate natively with Surface biometric authentication, and it does not support the pen and ink experience. While Azure Virtual Machine does offer dedicated desktop compute resources to each individual user and it would be potentially possible to implement support for Surface biometric authentication and its pen and ink experience, this would require a significant amount of administrative effort.

109
Q

Semi-Annual Enterprise Channe

A

Semi-Annual Enterprise Channel makes security and quality updates available as soon as they are released. Feature updates are available in July and January in the staggered manner, later than Semi-Annual Enterprise Channel (Preview), which makes them available in March and September.

110
Q

Current Channel

A

Current Channel makes security, quality, and feature updates available as soon as they are released.

111
Q

Monthly Enterprise Channel

A

Monthly Enterprise Channel makes security and quality updates available as soon as they are released.
Feature updates are staggered and made available once per month, but this is much more frequent than Semi-Annual Enterprise Channel.

112
Q

Semi-Annual Enterprise Channel (Preview)

A

Semi-Annual Enterprise Channel (Preview) makes security and quality updates available as soon as they are released. Feature updates are available in the staggered manner in March and September, which is earlier than Semi-Annual Enterprise Channel, which makes them available in July and January.

113
Q

Azure Virtual Desktop

A

Azure Virtual Desktop allows virtualization of apps and desktops, allowing them to be accessible by single or multiple users.

114
Q

Windows 365

A

Windows 365 is a Cloud PC solution, accessible by a single user.

115
Q

Microsoft 365

A

Microsoft 365 is the evolution of Office 365, including the Office apps and Windows licenses.

116
Q

Azure Bastion

A

Azure Bastion is a broker service for accessing VMs hosted in Azure.

117
Q

Viva Organizational Insights is available as an app in Team

A

Viva Organizational Insights is available as an app in Teams. Viva Organizational Insights does not include integration with To Do, Planner, or Yammer.

118
Q

Endpoint Manager admin center

A

Endpoint Manager admin center shows Intune reports about device compliance, health, and trends.

119
Q

The Microsoft Entra ID Report

A

The Microsoft Entra ID reports show sign-in activity and audit logs.

120
Q

Viva Insights

A

Get recommendations on how to work better as an IC or a manager.

Viva Insights supports the well-being and productivity of employees. It provides the feature to help employees protect
their time, stay connected with colleagues, give praise, and take breathing breaks.

121
Q

Microsoft Enterprise Agreement (EA)

A

Microsoft Enterprise Agreement (EA) is designed for organizations that want to license software and cloud services for a minimum three-year period. The Enterprise Agreement offers the best value to organizations with 500.
. Additionally, through Software Assurance, your organization can receive 24x7 technical support, planning services, end-user and technical training.

122
Q

Microsoft 365 for home

A

Microsoft 365 for home exists to bring the same great productivity benefits into your personal and family life. Microsoft 365 Home comes in two plans, Microsoft 365 Personal and Microsoft 365 Family. Personal is for a single person with multiple devices and family is for up to six people

123
Q

Microsoft 365 Education

A

Microsoft 365 Education is available for educational institutions to help empower educators to unlock creativity and promote teamwork while providing a safe experience in a single, affordable solution. Academic licenses can be tailored to fit any institution’s needs, including productivity and security solutions for faculty, staff, and students. Microsoft 365 Education has three subscription plans for faculty and students that include different features: A1, A3, and A5. For more information,

124
Q

Microsoft 365 Government

A

Microsoft 365 Government is available for government institutions to help empower US public sector employees to work together in a secure way. Microsoft 365 Government has two subscription plans that include different features: G3, and G5. Your organization can also choose from two Office 365 subscription tiers: Office 365 Government G3 and Office 365 Government G5

125
Q

Microsoft 365 for business

A

Microsoft 365 for business is designed for small to medium-sized organizations that have up to 300 employees. It offers the full set of Office 365 productivity tools and includes security and device management features. There are four subscription tiers that include different features: Microsoft 365 Business Basic, Microsoft 365 Business Standard, Microsoft 365 Business Premium, and Microsoft 365 Apps for business.

126
Q

Microsoft 365 Enterprise

A

Microsoft 365 Enterprise is designed for enterprise-sized organizations. It provides enterprise-class services to organizations that want a productivity solution that includes robust threat protection, security, compliance, and analytics features. Microsoft 365 Enterprise has three subscription tiers that include different features: Microsoft 365 E3, Microsoft 365 E5, and Microsoft 365 F3. For more information, see Compare Microsoft 365 Enterprise plans. Your organization can also choose from four Office 365 subscription tiers: Microsoft 365 Apps for enterprise, Office 365 E1, Office 365 E3, and Office 365 E5

127
Q

user subscription licenses (USLs)

A
128
Q

Full USLs

A
  • Full USLs are for new customers who haven’t previously purchased Microsoft products and services.
129
Q

Add-on USLs

A
  • Add-on USLs are for on-premises software customers who want to add Microsoft 365 cloud products and services.
130
Q

From SA USLs

A
  • From SA USLs are for on-premises Software Assurance customers that want to transition to the cloud.
131
Q

Step Up USLs

A
  • Step Up USLs are for customers who want to upgrade the level of their service.
132
Q

Secure Score

A

Secure Score is one of the tools in the Microsoft Defender portal. It shows the company’s current security posture. The higher the Secure Score, the better the company’s security posture. IS for SECURITY POSTURE NOT COMPLIANCE

133
Q

Microsoft Entra ID includes an identity secure score

A

Microsoft Entra ID includes an identity secure score, which is a percentage that functions as an indicator for how aligned you are with Microsoft’s best practice recommendations for security. Each improvement action in identity secure score is tailored to your specific configuration.>

134
Q

A workload identity

A

FUNCTIONAL ID. A workload identity is an identity you assign to a software workload. This enables the software workload to authenticate to and access other services and resources. This helps secure your workload. In Microsoft Entra, workload identities are applications, service principals, and managed identities.

135
Q

A service principal

A

A service principal is essentially, an identity for an application. For an application to delegate its identity and access functions to Microsoft Entra ID,

136
Q

Managed identities

A

Managed identities are a type of service principal that are automatically managed in Microsoft Entra ID and eliminate the need for developers to manage credentials.

137
Q

Microsoft 365: Group/Distrubtution List

A

Microsoft 365: A Microsoft 365 group, which is also often referred to as a distribution group, is used for grouping users according to collaboration need

138
Q

Security: A security group

A

Security: A security group is the most common type of group and it’s used to manage user and device access to shared resources. For example, you may create a security group for a specific security policy such as Self-service password reset or for use with a conditional access policy to require MFA. Members of a security group can include users (including external users), devices, other groups, and service principals. Creating security groups requires a Microsoft Entra administrator role.

139
Q

Microsoft Entra Cloud Sync

A

Microsoft Entra Cloud Sync-sync from on premise to AAD/Entra

140
Q

B2B direct connect

A

B2B direct connect is a new way to collaborate with other Microsoft Entra organizations using Microsoft Teams shared channels. With B2B direct connect, you create two-way trust relationships with other Microsoft Entra organizations to allow users to seamlessly sign in to your shared resources and vice versa. B2B direct connect users aren’t represented in your Microsoft Entra directory (they aren’t added as guests), but they’re visible from within the Teams shared channel and can be monitored in Teams admin center reports. When two organizations mutually enable B2B direct connect, users authenticate in their home organization and receive a token from the resource organization for access.

141
Q

B2B collaboration

A

B2B collaboration enables employees of an organization to collaborate with external users by letting them use their preferred identity to sign in to your Microsoft applications or other enterprise applications. B2B collaboration users are represented in your directory, typically as guest users.

142
Q

A Microsoft Entra joined device

A

A Microsoft Entra joined device is a device joined to Microsoft Entra ID through an organizational account, which is then used to sign in to the device. Microsoft Entra joined devices are generally owned by the organization.

143
Q

Conditional Access Conditions

A
  • Conditions define where and when the policy will apply. Multiple conditions can be combined to create fine-grained and specific Conditional Access policies. Some of the conditions include:
  • Sign-in risk and user risk. Integration with Microsoft Entra ID Protection allows Conditional Access policies to identify suspicious actions related to user accounts in the directory and trigger a policy. Sign-in risk is the probability that a given sign-in, or authentication request, isn’t authorized by the identity owner. User risk is the probability that a given identity or account is compromised.
  • Devices platform. Device platform, which is characterized by the operating system that runs on a device can be used when enforcing Conditional Access policies.
  • IP location information. Organizations can define trusted IP address ranges that can be used when making policy decisions. Also, administrators can opt to block or allow traffic from an entire country/region’s IP range.
  • Client apps. Clients apps, the software the user is employing to access the cloud app, including browsers, mobile apps, desktop clients, can also be used in access policy decision.
    Filters for devices. Organizations can enforce policies based on device properties, by using the filters for devices option. As an example, this option may be used to target policies to specific devices like privileged access workstations.
144
Q

Types of Admins

A
  • Global administrator: users with this role have access to all administrative features in Microsoft Entra. The person who signs up for the Microsoft Entra tenant automatically becomes a global administrator.
  • User administrator: users with this role can create and manage all aspects of users and groups. This role also includes the ability to manage support tickets and monitor service health.
    Billing administrator: users with this role make purchases, manage subscriptions and support tickets, and monitor service health.
145
Q

Microsoft Entra RBAC

A

Microsoft Entra RBAC - Microsoft Entra roles control access to Microsoft Entra resources such as users, groups, and applications.

146
Q

Azure RBAC -

A

Azure RBAC - Azure roles control access to Azure resources such as virtual machines or storage using Azure Resource Management.

147
Q

Endpoints with Microsoft Defender for Endpoint

A

Endpoints with Microsoft Defender for Endpoint - Microsoft Defender for Endpoint is a unified endpoint platform for preventative protection, post-breach detection, automated investigation, and response.

148
Q

Assets with Defender Vulnerability Management

A

Assets with Defender Vulnerability Management - Microsoft Defender Vulnerability Management delivers continuous asset visibility, intelligent risk-based assessments, and built-in remediation tools to help your security and IT teams prioritize and address critical vulnerabilities and misconfigurations across your organization.

149
Q

Email and collaboration with Microsoft Defender for Office 365

A

Email and collaboration with Microsoft Defender for Office 365 - Defender for Office 365 safeguards your organization against malicious threats posed by email messages, links (URLs), and collaboration tools.

150
Q

Identities with Microsoft Defender for Identity

A

Identities with Microsoft Defender for Identity - Microsoft Defender for Identity uses Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

151
Q

Applications with Microsoft Defender for Cloud Apps

A

Applications with Microsoft Defender for Cloud Apps - Microsoft Defender for Cloud Apps is a comprehensive cross-SaaS solution that brings deep visibility, strong data controls, and enhanced threat protection to your cloud apps.

152
Q

Applications with Microsoft Defender for Cloud Apps

A

Applications with Microsoft Defender for Cloud Apps - Microsoft Defender for Cloud Apps is a comprehensive cross-SaaS solution that brings deep visibility, strong data controls, and enhanced threat protection to your cloud apps.

153
Q

Microsoft Defender Threat Intelligence (Defender TI

A

Microsoft Defender Threat Intelligence (Defender TI) can now access threat intelligence from inside the Microsoft Defender portal.
Microsoft Defender TI helps streamline security analyst triage, incident response, threat hunting, and vulnerability management workflows. Defender TI aggregates and enriches critical threat information in an easy-to-use interface.

154
Q

Differences between secure score in Microsoft Defender XDR and Microsoft Defender for Cloud

A

XDR just Azure. There’s a secure score for both Microsoft Defender XDR and Microsoft Defender for Cloud, but they’re subtly different. Secure score in Microsoft Defender for Cloud is a measure of the security posture of your Azure subscriptions. Secure score in the Microsoft Defender portal is a measure of the security posture of the organization across your apps, devices, and identities.

155
Q

The Microsoft Purview compliance portal i

A

The Microsoft Purview compliance portal is the portal for organizations to manage their compliance needs using integrated solutions for information protection, data lifecycle management, insider risk management, auditing, and more.

156
Q

What is the difference between Compliance Manager and compliance score?

A

Compliance Manager is an end-to-end solution in the Microsoft Purview compliance portal to enable admins to manage and track compliance activities. Compliance score is a calculation of the overall compliance posture across the organization. The compliance score is available through Compliance Manager.

157
Q

Microsoft Service Trust Portal -

A

Microsoft Service Trust Portal - portal to see MS certification and white papers . provides a variety of content, tools, and other resources about how Microsoft cloud services protect your data, and how you can manage cloud data security and compliance for your organization.
The Service Trust Portal (STP) is Microsoft’s public site for publishing audit reports and other compliance-related information associated with Microsoft’s cloud services. STP users can download audit reports produced by external auditors and gain insight from Microsoft-authored whitepapers that provide details on how Microsoft cloud services protect your data, and how you can manage cloud data security and compliance for your organization.

158
Q

Office Frontline Worker Plans

A

Office 365 F3 (O365 F3 license plan), also known as the “frontline worker plan,” is a subscription-based productivity platform designed specifically for employees who don’t have a desk or office and need access to a range of collaboration and communication tools including a 2GB Exchange Kiosk Plan mailbox.

159
Q

Microsoft Teams is Cloud Only

A
160
Q

Microsoft Credential Guard

A

Protects passwords in memory during login

161
Q

Exploit Guard

A

Reduces attack surface by controleld folder access, network filtering, attack surface reduction rules

162
Q

Application Guard

A

Isolates browser session from local device

163
Q

Application Cotnrol

A

Control which applications a user can run

164
Q
A