Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company's Active Directory forest includes thousands of user accounts.
You have been informed that all network resources will be migrated to Azure. Thereafter, the on-premises data center will be retired.
You are required to employ a strategy that reduces the effect on users, once the planned migration has been completed.
Solution: You plan to sync all the Active Directory user accounts to Azure Active Directory (Azure AD).
Does the solution meet the goal?
Click on the arrows to vote for the correct answer
A. B.A
The correct answer to this question is A. Azure Key Vault.
Explanation: When deploying servers to Azure, it is important to protect administrative credentials from exposure. Azure Key Vault is a solution that can be used to encrypt and securely store secrets, such as passwords, connection strings, and other sensitive information.
With Azure Key Vault, administrators can securely store and manage cryptographic keys, certificates, and other secrets, using hardware security modules (HSMs) to protect the confidentiality and integrity of data. This solution provides a secure central location to manage and protect secrets, and allows for fine-grained access control to limit who can access the stored secrets.
Azure Information Protection is a solution for classifying, labeling, and protecting documents and emails. This solution is not designed for protecting administrative credentials during deployment.
Microsoft Defender for Cloud is a security solution that provides unified visibility, automated threat protection, and intelligent insights to help detect and respond to security threats across cloud workloads. It is not designed for protecting administrative credentials during deployment.
Azure Multi-Factor Authentication (MFA) is a solution that requires users to provide additional authentication factors, such as a code sent to their mobile device, in addition to a password, to gain access to a resource. While MFA can help protect against unauthorized access to resources, it is not designed for protecting administrative credentials during deployment.
Therefore, the recommended solution for encrypting administrative credentials during deployment is Azure Key Vault.
The solution of syncing all Active Directory user accounts to Azure Active Directory is a valid approach towards reducing the impact on users during a migration of on-premises resources to Azure. Therefore, the answer is A) Yes, the solution meets the goal.
When a user's account is synced from Active Directory to Azure AD, the user can seamlessly access resources in both on-premises and cloud environments. Therefore, once the migration to Azure is complete, users can continue accessing resources without experiencing any downtime or interruption.
Syncing Active Directory user accounts to Azure AD enables an organization to take advantage of Azure AD's identity and access management features, such as Single Sign-On (SSO) and multi-factor authentication (MFA), providing enhanced security and streamlined user experience.
In summary, syncing Active Directory user accounts to Azure AD is a valid approach towards reducing the impact on users during a migration of on-premises resources to Azure. It provides a seamless transition for users, ensures security, and enhances user experience.