Managing Cloud Identities Flashcards
(19 cards)
How is a custom banned password list configured in Entra ID?
Entra ID | Security | Authentication methods | Password protection
What are Entra ID security defaults?
A set of configurations recommended by Microsoft designed to protect organizations from common identity-based attacks such as password spraying and phishing
What do security defaults enable?
These basic controls include:
- Requiring all users to register for multifactor authentication
- Requiring administrators to do multifactor authentication
- Requiring users to do multifactor authentication when necessary
- Blocking legacy authentication protocols
- Protecting privileged activities like access to the Azure portal
Define Entra ID protection
It uses advanced machine learning to identify sign-in risks and unusual user behavior, allowing organizations to block, challenge, limit, or allow access as needed
How does Entra ID protection determine a sign-in risk?
The admin creates a sign-in risk policy. The sign-in risk policy is an automated response, depending on the specified sign-in risk level, that is used either to block access to your resources or to require the user to pass an MFA challenge
Define user risk detection
All risk detections that have been detected for a user and that have not been resolved are known as active risk detections. All active risk detections that are associated with a user define the risk to the user. Based on the risk to the user, Azure AD calculates the probability (Low, Medium, High) that the user account has been compromised. This probability is known as the user risk level.
How is a sign-in risk policy created?
Entra ID | Security | Identity Protection | Sign-in risk policy
How is a user risk policy created?
Entra ID | Security | Identity Protection | User risk policy
What are the components of a role assignment in Entra ID?
- A security principal, which can be a user, group, or service principal.
- A role, which describes a set of management rights.
- A scope to set the access rights, starting from the management group level down to single resources.
How are role assignments inherited?
Top to bottom
When creating a custom Entra ID role, what needs to be defined?
Define which resource operations should be allowed to meet the goal; find out which resource provider operations exist
How can you find resource provider operations?
Google, or the PowerShell command: Get-AzProviderOperation <operation> | FT OperationName, Operation, Description -AutoSize
How can you find all the Microsoft resource providers based on Azure service?
https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-services-resource-providers
How can you find all resource providers in Azure and the registration status in your subscription?
Get-AzResourceProvider -ListAvailable | Select-Object ProviderNamespace, RegistrationState
How can you find all the registered resource providers in your subscription?
Get-AzResourceProvider -ListAvailable | Where-Object RegistrationState -eq "Registered" | Select-Object ProviderNamespace, RegistrationState | Sort-Object ProviderNamespace
What is best practice for registering resource providers?
To maintain least privilege in your subscription, only register those resource providers that you're ready to use
What is the command to retrieve all the actions related to a role definition?
(Get-AzRoleDefinition "<role name>").Actions
Describe Entra Privileged Identity Management (PIM)
- Enables time-based access to privileged roles/actions and resources
- Allows for an approval process when privileged access is requested
- Enables monitoring of the usage of privileged roles