Manage device authentication Flashcards
(43 cards)
What is Microsoft Entra join?
A method to join devices to Microsoft Entra ID for cloud management and access.
Which 3 operating systems support Microsoft Entra join?
- All Windows 11 and Windows 10 devices except Home editions,
- Windows Server 2019
- newer Virtual Machines running in Azure.
What is a requirement for devices to join an AD DS domain?
Devices must run a supported operating system version;
Home editions of Windows do not support joining a domain.
For users, what is the primary benefit of Microsoft Entra join for businesses largely in the cloud?
Users can sign into Windows using accounts created in Microsoft Entra ID and access cloud resources like Microsoft 365.
What user types are typically found in educational institutions regarding Microsoft Entra ID?
Faculty and students.
Why would an organization separate temporary accounts in Microsoft Entra ID?
To manage temporary accounts separately from regular accounts for contractors or seasonal workers.
What is a scenario where Microsoft Entra join could be beneficial?
When most applications and resources used are in the cloud.
What is required for users to join their devices to Microsoft Entra ID?
Users need to enter their Microsoft Entra credentials and accept management policies.
What does Microsoft Entra hybrid join allow?
It allows joining on-premises Active Directory domain-joined devices to Microsoft Entra ID.
Which operating systems are supported for Microsoft Entra hybrid join?
- Windows 11, Windows 10, Windows 8.1 except Home editions,
- Windows Server 2008/R2, 2012/R2, 2016, 2019, and 2022.
True or False: Microsoft Entra hybrid join can be used in a single forest environment synchronized to multiple Microsoft Entra tenants.
False.
What are the 3 reasons to use Microsoft Entra hybrid join?
- To manage Win32 apps that rely on Active Directory machine authentication.
- If you require Group Policy to manage some of your devices.
- If you want to continue to use imaging solutions to configure devices for your employees.
What is the first planning step for Microsoft Entra hybrid join?
Review your environment to determine support for Windows down-level devices.
What management tool can be used for devices registered with Microsoft Entra ID?
Intune.
What is a key limitation of managing devices joined to Microsoft Entra ID?
Devices cannot be managed using Group Policy.
When can users join their devices to Microsoft Entra ID?
During initial Windows setup or by opening system settings later.
What is a key feature of Microsoft Entra join regarding device access to resources?
Access to cloud-based resources and Azure-based resources using SSO.
What is the Bring Your Own Device (BYOD) concept in relation to Microsoft Entra ID?
Enabling users to join their own devices to the organizational environment to access cloud resources.
What must be configured to join a Windows device in Microsoft Entra tenant?
The device registration service must be configured to enable you to register devices.
What is the maximum number of devices that can be registered?
15
You must have fewer devices registered than the configured maximum.
If your tenant is federated, what protocol support is required?
Your Identity provider MUST support WS-Fed and WS-Trust username/password endpoint.
What is the primary purpose of Microsoft Entra join?
Intended for organizations that want to be
* cloud-first: primarily use cloud services, with a goal to reduce use of an on-premises infrastructure
or
* cloud-only: no on-premises infrastructure
Are there restrictions on the size or type of organizations that can deploy Microsoft Entra join?
No restrictions on the size or type of organizations.
5
What are the benefits of implementing Microsoft Entra joined devices?
- Single-Sign-On (SSO) to your Azure managed SaaS apps and services.
- Enterprise compliant roaming of user settings across joined devices.
- Windows Hello support
- Restriction of access to apps from only devices that meet compliance policy
- Seamless access to on-premises resources when the device has line of sight to the on-premises domain controller