Implement and Manage Identity and Access in Azure AD

12345678910111213141516171819202122232425
Across
  1. 1. When reviewing a failed sign-in in the sign-in logs, you can get more information about the reason for the failure in the ___________ info section of the related log item.
  2. 4. Users can register for SSPR by browsing to https://aka.ms/___________, or by clicking on the "Register for password reset" link under the Profile tab in the Access Panel.
  3. 5. You can implement ___________-based and app-based Conditional Access policies.
  4. 8. Before deploying directory synchronization, you need to make sure your on-premises user objects have a ___________ suffix configured, and that its value is correct for both the Active Directory domain and Microsoft 365.
  5. 10. The ___________ banned password list allows you to add your own disallowed terms to this list of terms banned by the global banned list.
  6. 12. Microsoft ___________ is a mobile app that adds extra security to your accounts with two-factor authentication, protecting you from unauthorized access and phishing attacks.
  7. 15. Azure AD Identity ___________ helps organizations secure their users' identities by automating the detection and remediation of identity-based risks, investigating these risks using data in the portal, and exporting risk detection data to other tools for further analysis.
  8. 16. Azure AD Conditional Access works with Microsoft Intune ___________ policies to control the devices and apps that can access your company resources.
  9. 18. To use self-service password reset, users must first register their desired ___________ methods.
  10. 19. Identity Protection detects various risks, including anonymous IP address use, ___________ travel, malware-linked IP addresses, unfamiliar sign-in properties, leaked credentials, password spray attacks, and more.
  11. 21. The Microsoft 365 ___________ tool can help you identify and fix most object synchronization errors in Active Directory forests.
  12. 22. Organizations can enable MFA in three primary ways: Conditional Access, ___________ Defaults, and the Microsoft 365 admin center.
  13. 23. Microsoft recommends enabling email notifications to respond promptly when users are flagged as at risk. To do this, you can set up weekly ___________ emails to get an overview of risk events that have occurred.
  14. 25. Windows Hello for Business replaces passwords with strong two-factor authentication that's tied to a device and uses either ___________ or a PIN.
Down
  1. 2. When forcing a manual synchronization in Azure AD Connect, using PowerShell, the Start-___________ -PolicyType Delta command starts a delta synchronization.
  2. 3. Azure AD Connect Health is part of Azure AD ___________.
  3. 6. The ___________ banned password list is created by the Azure AD Identity Protection team, which constantly analyzes Azure AD security telemetry data to identify weak or compromised passwords.
  4. 7. Users can register a mobile app when registering for SSPR at https://aka.ms/___________, or in the combined security info registration at https://aka.ms/setupsecurityinfo.
  5. 9. When preparing for directory synchronization, you should clean up your Active Directory by removing duplicate ___________ and userPrincipalName attributes.
  6. 11. Identity Protection detects risks, reports them, and allows administrators to investigate and remediate them, keeping organizations safe. Risks can also be fed into tools like Conditional Access or a ___________ tool for further investigation.
  7. 13. To access a sign-in log, you can navigate to the Azure Active Directory menu and open the sign-in log within the ___________ section.
  8. 14. When setting up Azure AD Connect, ___________ Setup is designed for organizations with more advanced configurations.
  9. 15. Conditional Access ___________ enhance security by enabling MFA based on specific conditions.
  10. 17. When setting up Azure AD Connect, ___________ Setup is the default option, which works for most organizations with a single forest.
  11. 20. You can enable or disable password ___________ through the Azure portal. When enabled, federated, pass-through authentication, or password hash synchronized users are allowed to reset their passwords.
  12. 24. As an administrator, you can create policies to manage Windows Hello for Business use on devices that connect to your organization. Biometric sign-in options include facial recognition, fingerprint recognition, and ___________ recognition.