Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 by Dwayne Natwick
Author: Dwayne Natwick
Language: eng
Format: epub
Publisher: Packt
Published: 2022-11-15T00:00:00+00:00
Azure AD Identity Protection
Azure AD Identity Protection provides additional capabilities within Azure AD to monitor user activity and recognize, through Microsoft's machine learning capabilities, anomalous and suspicious activity on user accounts. Figure 7.21 shows how to search for and access Azure AD Identity Protection within the Azure portal:
Figure 7.21 – Azure AD Identity Protection
Azure AD Identity Protection provides feedback in two areas: user risk and sign-in risk. Both are related to user behavior, but it is important to understand the differences between them:
User risk is risk that pertains directly to a user. It is seen primarily in the form of potentially leaked credentials, or of attack patterns, identified through threat intelligence, that target a particular user.
Sign-in risk indicates that an authentication request might not have been made by the authorized identity owner. Examples of sign-in risk include login attempts from anonymous IP addresses, atypical travel, suspicious browsers, and IP addresses linked with malware, among others.
Additional information and examples can be found at this link: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks. It is important to identify the difference between user risk and sign-in risk for the exam.
Figure 7.22 shows the Protect and Report menus of Azure AD Identity Protection. We will discuss reports in the next section. To protect against attackers gaining access to resources, policies can be put in place to block access or require additional verification when a user or sign-in is flagged at a certain risk level: low, medium, or high.
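The following Python sketch is an added example, not code from the book or from Microsoft. It models how a user risk policy and a sign-in risk policy are evaluated separately for the same sign-in. The detection names, the Policy fields, the sample data, and the assumption that a user-risk detection stays on the account's record between sign-ins are all constructed for illustration.

```python
from dataclasses import dataclass

LEVELS = {"none": 0, "low": 1, "medium": 2, "high": 3}

# Labels for this model only, taken from the examples named in the text above.
USER_DETECTIONS = {"leaked_credentials", "threat_intelligence"}
SIGNIN_DETECTIONS = {"anonymous_ip", "atypical_travel",
                     "suspicious_browser", "malware_linked_ip"}

@dataclass
class Detection:
    user: str
    kind: str
    level: str  # "low", "medium" or "high"

@dataclass
class Policy:
    threshold: str  # minimum risk level at which the policy applies
    action: str     # "block" or "require_verification"

def user_risk(user, history):
    """Highest user-risk detection on record for the account."""
    levels = [d.level for d in history
              if d.user == user and d.kind in USER_DETECTIONS]
    return max(levels, key=LEVELS.get, default="none")

def signin_risk(detections):
    """Highest sign-in-risk detection raised by this one request."""
    levels = [d.level for d in detections if d.kind in SIGNIN_DETECTIONS]
    return max(levels, key=LEVELS.get, default="none")

def evaluate(user, this_signin, history, user_policy, signin_policy):
    """Return 'block', 'require_verification' or 'allow' for one sign-in."""
    actions = []
    if LEVELS[user_risk(user, history)] >= LEVELS[user_policy.threshold]:
        actions.append(user_policy.action)
    if LEVELS[signin_risk(this_signin)] >= LEVELS[signin_policy.threshold]:
        actions.append(signin_policy.action)
    if "block" in actions:  # the stricter outcome wins
        return "block"
    return "require_verification" if actions else "allow"

# Constructed sample data: alice has a leaked-credentials detection on record.
HISTORY = [Detection("alice", "leaked_credentials", "high")]
USER_POLICY = Policy(threshold="high", action="block")
SIGNIN_POLICY = Policy(threshold="medium", action="require_verification")
```

In this model, alice is blocked even when the sign-in itself raises no detection, because the risk is attached to the account, while another user is only challenged when a particular request looks risky.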