SC-900 Microsoft Security Compliance and Identity Fundamentals Questions and Answers

Graphical user interface, text, application, email Description automatically generated

Box 1: Yes

Azure AD supports custom roles.

Box 2: Yes

Global Administrator has access to all administrative features in Azure Active Directory. Box 3: No

The recommended way to enable and use Azure AD Multi-Factor Authentication is with Conditional Access policies. Conditional Access lets you create and define policies that react to sign-in events and that request additional actions before a user is granted access to an application or service.

Microsoft Secure Score for Devices

• Artikel
• 12.05.2022
• 3 Minuten Lesedauer

Applies to:

• Microsoft Defender for Endpoint Plan 2
• Microsoft Defender Vulnerability Management
• Microsoft 365 Defender

Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

To sign up for the Defender Vulnerability Management public preview or if you have any questions, contact us (mdvmtrial@microsoft.com).

Already have Microsoft Defender for Endpoint P2? Sign up for a free trial of the Defender Vulnerability Management Add-on.

Configuration score is now part of vulnerability management as Microsoft Secure Score for Devices.

Your score for devices is visible in the Defender Vulnerability Management dashboard of the Microsoft 365 Defender portal. A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. It reflects the collective security configuration state of your devices across the following categories:

• Application
• Operating system
• Network
• Accounts
• Security controls

Select a category to go to the Security recommendations page and view the relevant recommendations.

Turn on the Microsoft Secure Score connector

Forward Microsoft Defender for Endpoint signals, giving Microsoft Secure Score visibility into the device security posture. Forwarded data is stored and processed in the same location as your Microsoft Secure Score data.

Changes might take up to a few hours to reflect in the dashboard.

• In the navigation pane, go to Settings > Endpoints > General > Advanced features
• Scroll down to Microsoft Secure Score and toggle the setting to On.
• Select Save preferences.

How it works

Microsoft Secure Score for Devices currently supports configurations set via Group Policy. Due to the current partial Intune support, configurations which might have been set through Intune might show up as misconfigured. Contact your IT Administrator to verify the actual configuration status in case your organization is using Intune for secure configuration management.

The data in the Microsoft Secure Score for Devices card is the product of meticulous and ongoing vulnerability discovery process. It is aggregated with configuration discovery assessments that continuously:

• Compare collected configurations to the collected benchmarks to discover misconfigured assets
• Map configurations to vulnerabilities that can be remediated or partially remediated (risk reduction)
• Collect and maintain best practice configuration benchmarks (vendors, security feeds, internal research teams)
• Collect and monitor changes of security control configuration state from all assets

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management: Provide just-in-time privileged access to Azure AD and Azure resources Assign time-bound access to resources using start and end dates Require approval to activate privileged roles Enforce multi-factor authentication to activate any role Use justification to understand why users activate Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit Prevents removal of the last active Global Administrator role assignment

Multifactor authentication combines two or more independent credentials: what the user knows, such as a password; what the user has, such as a security token; and what the user is, by using biometric verification methods.

Text, letter Description automatically generated

Azure Bastion provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS.

Graphical user interface, text, application, email Description automatically generated

Box 1: No

Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.

Box 2: Yes

Microsoft 365 uses Azure Active Directory (Azure AD). Azure Active Directory (Azure AD) is included with your Microsoft 365 subscription.

Box 3: Yes

Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.

Graphical user interface, text, application Description automatically generated

Graphical user interface, text, application Description automatically generated

Firewall is really not directly protecting the Virtual Networks though DDOS would have been ideal for VNETS

Graphical user interface, text, application, email Description automatically generated

Compliance score

Graphical user interface, text, application Description automatically generated

eDiscovery

https://docs.microsoft.com/en-us/microsoft-365/compliance/ediscovery?view=o365-worldwide

Graphical user interface, text, application Description automatically generated

Graphical user interface, text Description automatically generated with medium confidence

Graphical user interface, text, application, email Description automatically generated

Box 1: Yes

System updates reduces security vulnerabilities, and provide a more stable environment for end users. Not applying updates leaves unpatched vulnerabilities and results in environments that are susceptible to attacks.

Box 2: Yes

Box 3: Yes

If you only use a password to authenticate a user, it leaves an attack vector open. With MFA enabled, your accounts are more secure.