Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 by Dwayne Natwick
Author:Dwayne Natwick
Language: eng
Format: epub
Publisher: Packt
Published: 2022-11-15T00:00:00+00:00
Azure AD Identity Protection
Azure AD Identity Protection provides additional capabilities within Azure AD to monitor user activity and recognize, through Microsoft's machine learning capabilities, anomalous and suspicious activity on user accounts. Figure 7.21 shows how to search and access Azure AD Identity Protection within the Azure portal:
Figure 7.21 â Azure AD Identity Protection
Azure AD Identity Protection provides feedback in two areas: user risk and sign-in risk. Both are related to user behavior, but it is important to understand the differences between them:
User risk is an activity that pertains directly to a user. This is primarily seen in the form of potentially leaked credentials, or something identified through threat intelligence attack patterns being targeted on a particular user.
Sign-in risk identifies that a request for authentication might not be requested by the authorized identity owner. Some examples of a sign-in risk would include login attempts from anonymous IP addresses, atypical travel, suspicious browsers, and IP addresses linked with malware, among others.
Additional information and examples can be found at this link: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks. It is important to identify the difference between user risk and sign-in risk for the exam.
Figure 7.22 shows the Protect and Report menus of Azure AD Identity Protection. We will discuss reports in the next section. To protect against attackers gaining access to resources, policies can be put in place to block access or require additional verification when a user or sign-in is flagged at a certain risk level, low, medium, or high:
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Red Hat Certified Specialist in Services Management and Automation EX358 Exam Guide by Eric McLeroy(5825)
The KCNA Book by Nigel Poulton(4074)
Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 by Dwayne Natwick(3437)
Designing and Implementing Microsoft Azure Networking Solutions by David Okeyode(3336)
Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide by Trevor Stuart and Joe Anich(3295)
Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide by Trevor Stuart & Joe Anich(3198)
TCP IP by Todd Lammle(2956)
Microsoft Power BI Data Analyst Certification Guide by Ed Corcoran Orrin Edenfield(2906)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2505)
Unity Certified Programmer: Exam Guide by Philip Walker(2381)
Networking A Beginner's Guide by Bruce Hallberg(2191)
Microsoft Power Platform Solution Architect's Handbook by Hugo Herrera(2011)
31 Days Before Your CompTIA A+ Exams (Shanette Luellen's Library) by Benjamin Patrick Conry(1844)
CompTIA A+ Practice Tests Core 1 (220-1101) and Core 2 (220-1102) by Ian Neil and Mark Birch(1768)
MCSA Windows Server 2016 Study Guide: Exam 70-741 by William Panek(1652)
PHP 7 Zend Certification Study Guide by Andrew Beak(1627)
Healthcare Information Security and Privacy (All-In-One) by Sean Murphy(1535)
CompTIA A+ Certification Guide (220-901 and 220-902) by Matthew Bennett(1512)
RHCSA & RHCE Red Hat Enterprise Linux 7: Training and Exam Preparation Guide (EX200 and EX300), Third Edition by Asghar Ghori(1469)
