Plan, Implement, Administer Conditional Access Flashcards

1
Q

What switch is provided to for default protection settings in Azure?

A

“Enable Security Defaults”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

3 scenarios where security defaults should not be used.

A
  1. Using Conditional Access Policies
  2. Azure AD Premium
  3. Complex Security Requirements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Using Security Defaults to enable user authentication MFA, how long does a user have to register?

A

14 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Can you configure legacy authentication to use MFA?

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

List 5 benefits of Conditional Access

A
  1. Increase Productivity
  2. Manage Risk
  3. Address Compliance and Governance
  4. Manage Cost
  5. Zero Trust
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In terms of a Conditional Access Policies, what are “assignments”?

A

Conditions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What license is required to combine Conditional Access with Azure AD Identity Protection?

A

Azure AD Premium 2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What 2 types of accounts should be excluded from Block Policies?

A
  • Break-glass Accounts

- Service Accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What 3 types of Administrators can set up a Conditional Access policy?

A
  1. Global Administrator
  2. Security Administrator
  3. Conditional Access Administrator
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What set of rules ensure an organization’s data remains safe or contained in a managed app?

A

App Protection Policies (APP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What solution provides app protection for BYOD devices?

A

Mobile Application Management without enrollment (MAM-WE)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What solution protects app data on a mobile device?

A

Mobile Application Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the purpose of report-only mode?

A

Allow Administrators an evaluation time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How many bad password attempts does Smart lockout cache?

A

3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What license is required to customize Smart lockout settings?

A

Azure AD Premium 1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What two mechanisms exist to keep Smart lockout from locking out a genuine user?

A
  1. Data centers track lockouts independently.

2. Tracks location

17
Q

Can Smart Lockout protect on-premises AD?

A

Yes. Integrated with password hash sync or pass-through authentication.

18
Q

Which lockout timer should be higher when using Smart Lockout with PTA?

A

The Azure AD should be less than the AD DS.

19
Q

What does Conditional Access do?

A

It analyzes signals such as user, device, and location to enforce organizational access policies.

20
Q

When would you use Mobile Application Management (MAM) without enrollment to protect sensitive data in a work or school-related app?

A

Bring-your-own-device (BYOD) scenarios

21
Q

What is user sign-in frequency?

A

User sign-in frequency defines the time period before a user is asked to sign in again when attempting to access a resource.