Implement and Manage Identity and Access in Azure AD
Across
- 1. When reviewing a failed sign-in in the sign-in logs, you can get more information about the reason for the failure in the ___________ info section of the related log item.
- 4. Users can register for SSPR by browsing to https://aka.ms/___________, or by clicking on the "Register for password reset" link under the Profile tab in the Access Panel.
- 5. You can implement ___________-based and app-based Conditional Access policies.
- 8. Before deploying directory synchronization, you need to make sure your on-premises user objects have a ___________ suffix configured, and that its value is correct for both the Active Directory domain and Microsoft 365.
- 10. The ___________ banned password list allows you to add your own disallowed terms to this list of terms banned by the global banned list.
- 12. Microsoft ___________ is a mobile app that adds extra security to your accounts with two-factor authentication, protecting you from unauthorized access and phishing attacks.
- 15. Azure AD Identity ___________ helps organizations secure their users' identities by automating the detection and remediation of identity-based risks, investigating these risks using data in the portal, and exporting risk detection data to other tools for further analysis.
- 16. Azure AD Conditional Access works with Microsoft Intune ___________ policies to control the devices and apps that can access your company resources.
- 18. To use self-service password reset, users must first register their desired ___________ methods.
- 19. Identity Protection detects various risks, including anonymous IP address use, ___________ travel, malware-linked IP addresses, unfamiliar sign-in properties, leaked credentials, password spray attacks, and more.
- 21. The Microsoft 365 ___________ tool can help you identify and fix most object synchronization errors in Active Directory forests.
- 22. Organizations can enable MFA in three primary ways: Conditional Access, ___________ Defaults, and the Microsoft 365 admin center.
- 23. Microsoft recommends enabling email notifications to respond promptly when users are flagged as at risk. To do this, you can set up weekly ___________ emails to get an overview of risk events that have occurred.
- 25. Windows Hello for Business replaces passwords with strong two-factor authentication that's tied to a device and uses either ___________ or a PIN.
Down
- 2. When forcing a manual synchronization in Azure AD Connect, using PowerShell, the Start-___________ -PolicyType Delta command starts a delta synchronization.
- 3. Azure AD Connect Health is part of Azure AD ___________.
- 6. The ___________ banned password list is created by the Azure AD Identity Protection team, which constantly analyzes Azure AD security telemetry data to identify weak or compromised passwords.
- 7. Users can register a mobile app when registering for SSPR at https://aka.ms/___________, or in the combined security info registration at https://aka.ms/setupsecurityinfo.
- 9. When preparing for directory synchronization, you should clean up your Active Directory by removing duplicate ___________ and userPrincipalName attributes.
- 11. Identity Protection detects risks, reports them, and allows administrators to investigate and remediate them, keeping organizations safe. Risks can also be fed into tools like Conditional Access or a ___________ tool for further investigation.
- 13. To access a sign-in log, you can navigate to the Azure Active Directory menu and open the sign-in log within the ___________ section.
- 14. When setting up Azure AD Connect, ___________ Setup is designed for organizations with more advanced configurations.
- 15. Conditional Access ___________ enhance security by enabling MFA based on specific conditions.
- 17. When setting up Azure AD Connect, ___________ Setup is the default option, which works for most organizations with a single forest.
- 20. You can enable or disable password ___________ through the Azure portal. When enabled, federated, pass-through authentication, or password hash synchronized users are allowed to reset their passwords.
- 24. As an administrator, you can create policies to manage Windows Hello for Business use on devices that connect to your organization. Biometric sign-in options include facial recognition, fingerprint recognition, and ___________ recognition.