SC-900 flash cards

Question 1

Zero-Trust guiding principles

Answer 1

• Always Verify: Always authenticate and authorize access based on all available elements, includes a user’s identity, location, device health, data classification, service or workload
• Use least privilege access: use just-in-time (JIT) & just-enough-access (JEA) for better data protection
• Assume breach: Always assume an attacker has gained some access to the environment.

Question 2

What is the new perimeter and preferred control plane?

Answer 2

Identity, has become the new preferred perimeter and control plane for the entire infrastructure

Question 3

Zero-Trust model

Answer 3

Not trusting anything and always verifying
trustworthiness explicitly.

Question 4

Six Pillar of Zero-Trust

Answer 4

• Identity
• Endpoint
• Data
• Apps
• Infrastructure
• Network

Question 5

When cloud computing who’s responsible for physical security?

Answer 5

The Cloud service providers

Question 6

Which following responsibilities are always retained by the customer:

Answer 6

• Data
• Endpoint
• Account
• Access management

Question 7

Traditional defense-in-depth layers are?

Answer 7

1. Data
2. Application
3. Host
4. Internal network
5. Perimeter
6. Physical Security
7. Policies, people, process

Question 8

What model approach is DDoS protection found?

Answer 8

Defense-in-Depth

Question 9

Key capabilities for Applications to handle massive amounts of traffic

Answer 9

High availability
Scale-out
Resiliency
Fault-Tolerance
Attack surface area reduction

Question 10

Common Threats

Answer 10

• Malware
• Phishing attacks
• Denial of Service (DOS) & Distributed Denial of service (DDoS)
• Ransomware
• Botnet

Question 11

What is a Malware

Answer 11

Malicious application an code that can cause damage and disrupt the normal use of devices

Question 12

Phishing Attacks

Answer 12

Attempt to steal sensitive information through emails, websites, text messages, or other forms of electronic communication.

Question 13

Denial of Service (DoS) and Distributed Denial of Service (DDoS

Answer 13

Disrupts businesses by limiting the function of a network application or exhausting a computing resource until it becomes unavailable.

Question 14

Botnet

Answer 14

is a network of compromised devices that an attacker
controls without the knowledge of their owners.

Question 15

Which one of the CIA pillars does a DoS or DDoS attack affect

Answer 15

Availability

Question 16

What is authentication?

Answer 16

the act of something or someone proving its identity to
something else.

Question 17

What is the abbreviation for authentication?

Answer 17

AuthN

Question 18

What is the most common form of multifactor authentication?

Answer 18

Text messages or phone calls

Question 19

What is OTP & What does it do?

Answer 19

One-time-passcode:

where the passcode can be used only once and is usually good for a limited time. Authenticator apps, such as the Microsoft Authenticator app, send a push notification to the device that is approved by the user.

Question 20

What is authorization?

Answer 20

Once the system
or services knows who you are—authentication—you have rights or
permissions to do things—authorization.

Question 21

What is authorization abbreviated as?

Answer 21

AuthZ

Question 22

If you want to set up a specific role assigned to your account, you might have inherited permissions in the system to add, modify, delete, or view things. what control must you implement?

Answer 22

A Role-Based Access Control (RBAC)

Question 23

What role manages all aspects of Azure Active Directory?

Answer 23

Global administrator

Question 24

What is a Global reader?

Answer 24

Same as Global administrator except without the ability to make any changes?

Question 25

At what level is Most of the authorization happens?

Answer 25

At the application level using RBAC controls

Question 26

Does authorization apply to non-human accounts?

Answer 26

Yes authorization applies even to non-human account

Question 27

In Azure AD what type of account hold roles and has the same permissions as any human accounts with that role?

Answer 27

Service accounts

Question 28

What does authorization do?

Answer 28

Authorization grants or denies permissions to various resources for
both human and non-human accounts.

Question 29

What is Active Directory?

Answer 29

Windows Server Active Directory is a multi-master, on-premises directory service that has been built into the Windows operating system since Windows 2000.

Question 30

What does Active Directory do?

Answer 30

Active Directory provides authentication, authorization, and usually a single sign-on experience to corporate resources such as file servers, email, and other applications that access the local intranet.

Question 31

What protocols does Active Directory support?

Answer 31

Active Directory supports LDAP, NTLM, Kerberos and DNS

Question 32

What functionality applies security policies to computers and users?

Answer 32

Group policy

Question 33

How can Active Directory be managed?

Answer 33

AD can be managed hierarchically in containers and organizational units

Question 34

What is the boundary for Active Directory

Answer 34

Active Directory forest

Question 35

What are boundaries used for?

Answer 35

boundaries are used in merger and acquisition scenarios, as well as some older architectures that had separate resource forests for applications.

Question 36

Federation Protocols?

Answer 36

WS-Fed, SAML, OAuth and OpenID Connect

Question 37

What does IdP or IDP do?

Answer 37

IdP handles the authentication of the users.

Question 38

Examples of IdP’s are?

Answer 38

Azure AD, Active Directory Federations Services (ADFS), Ping Federate

Question 39

What are claims

Answer 39

Claims are information that is sent to the application/resource provider that, in this case, identifies the user and any additional information about the user that the application needs to function.

Question 40

What is used to sign the claims?

Answer 40

Public key cryptography is used to digitally sign claims by the IDP using
its private key

Question 41

Common Identity attacks

Answer 41

Credential reuse, password spray, and phishing