Implement Azure Active Directory Flashcards Preview

70-533 Azure > Implement Azure Active Directory > Flashcards

Flashcards in Implement Azure Active Directory Deck (15)
1
Q

What tool is used to sync on-premises Active Directory to Azure Active Directory?

A

Azure Active Directory Synchronization Services (AAD Sync)

2
Q

If you don't want passwords syncing to Azure AD and want a single sign-on experience, what can you do/use?

A

Use a security token service (STS) or Active Directory Federation Service (AD FS) on-prem for authentication.

3
Q

What is the default domain for an Azure subscription?

A

*.onmicrosoft.com

4
Q

What 2 types of records can you use with your domain name registrar to verify you own the domain you are trying to add to your Azure subscription?

A

TXT (preferred) or MX records

5
Q

What is Cloud App Discovery?

A

A service you can use to discover cloud applications being used from within your organization, leveraging an endpoint agent installed on the individual machines.

6
Q

What are the two modes Azure Active Directory supports for single sign-on?

A

federation-based and password-based

7
Q

What is the URL where users can access the Access Panel?

A

https://myapps.microsoft.com

8
Q

What is the Graph API used for?

A

The Graph API is used by applications to create, read, update, or delete directory objects in Azure Active Directory. An application must be configured for either the Read Directory Data or Read And Write Directory Data permissions to use the Graph API.

9
Q

What 2 security token formats does Azure Active Directory support?

A

SAML and JWT

10
Q

True/False: The oauth2Permissions array node in a web service application's manifest can be edited to allow the web service to be accessed from other applications registered in the directory, such as web applications or native applications?

A

True. Also, it's JSON.

11
Q

Which protocols does Azure Active Directory provide application endpoints for?

A

1. WS-Federation
2. SAML-P
3. OAuth 2.0

12
Q

The URL for a tenant-specific endpoint of SAML tokens?

A

https://sts.windows.net/

13
Q

The URL for an application endpoint used to sign in and sign out users using the SAML-P protocol?

A

https://login.windows.net//saml2

14
Q

The URL for an application endpoint used to sign in and sign out users using the WS-Federation protocol?

A

https://login.windows.net//wsfed

15
Q

A developer building a web application for your organization needs the certificate that your Azure Active Directory uses to sign SAML tokens. Which application endpoint should you provide the developer?

A

The federation metadata document endpoint points to the metadata document for the Azure Active Directory, which contains the certificate used to sign SAML tokens.