Azure Security & Compliance Fundamentals Notes

Fundamentals of Cloud Identity 

Azure AD is the identity provider used for Exchange Online.

A security token is a signed set of claims related to an authenticated user.

Azure Active Directory

  • Azure Active Directory
  • Azure AD User Types
  • Hybrid Identity

Azure Active Directory

  • Cloud-based authentication and identity provider
  • Integrates with over 3,300 cloud apps
  • Every Azure subscription is tied to a “primary” Azure AD tenant
  • Synchronizes with on-premises Active Directory
  • Offers a wide range of identity and security services
  • Multiple feature tiers

Azure AD User Types

  • Each Azure AD tenant can have its own cloud users.
  • Can grant an identity for that cloud user (as a Guest User) in my Azure AD tenant.
  • Each Azure AD tenant can be associated with multiple subscriptions
  • Azure AD provides authentication for cloud-based applications
  • An Azure AD guest user is a user reference added to an Azure AD tenant that is defined in a different Azure AD tenant

Azure MFA in Practice

  • Cloud and on-premises MFA
  • Available for different Azure AD pricing tiers
    • Free – limited functionality available for global admin
    • Basic – theoretically available
    • Office 365 – limited functionality available to each licensed Office 365 user
    • Premium – full functionality
  • Combine with conditional access

Multi-Factor Authentication

https://docs.microsoft.com/zh-tw/azure/active-directory/authentication/concept-mfa-howitworks

Available verification methods

  • Microsoft Authenticator app
  • OATH Hardware token (preview)
  • OATH Software token
  • SMS
  • Voice call