azure:az-500:manage_secure_access_by_using_azure_ad

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
azure:az-500:manage_secure_access_by_using_azure_ad [2022/07/21 19:28] – [Azure MFA Registration Policy] mmuzeazure:az-500:manage_secure_access_by_using_azure_ad [2022/07/22 23:17] (current) – [§ Identity Protection] mmuze
Line 12: Line 12:
   * [[azure:az-500:azure_privileged_identity_management|Azure Privileged Identity Management]]   * [[azure:az-500:azure_privileged_identity_management|Azure Privileged Identity Management]]
  
-====== § Identity Protection ======+====== Identity Protection ====== 
 +  * Identity Protection provides policies for a few common scenarios. 
 +  * These policies require an AAD P2 license 
 +  * [[https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies]] 
 +  * These are under ''Azure AD/Manage/Security/Identity Protection/Protect'' and include these: 
 +    * **Azure AD MFA registration policy** - requires users to register for MFA 
 +    * **Sign-in risk policy** - a risk score is calculated to indicate the likelihood that a sign-in was not performed by the user. Based on this score administrators can choose to block access, allow access or allow access but require multi-factor authentication. 
 +    * **User risk policy** - a risk score is calculate to indicate the likelihood that a user account has been compromised. Based on this score administrators can choose to block access, allow access or allow access but require a password change. 
   * [[https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection]]   * [[https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection]]
  
  • azure/az-500/manage_secure_access_by_using_azure_ad.1658431708.txt.gz
  • Last modified: 2022/07/21 19:28
  • by mmuze