You need to ensure that when Azure Active Directory (Azure AD) users connect to Azure AD from the Internet by using an anonymous IP address, the users are prompted automatically to change their password.
Which Azure service should you use?
A. B. C. D.
Answer: D
Azure AD Identity Protection includes two risk policies: sign-in risk policy and user risk policy. A sign-in risk represents the probability that a given authentication request isn't authorized by the identity owner.
There are several types of risk detection. One of them is Anonymous IP Address. This risk detection type indicates sign-ins from an anonymous IP address (for example, Tor browser or anonymous VPN). These IP addresses are typically used by actors who want to hide their login telemetry (IP address, location, device, etc.) for potentially malicious intent.
You can configure the sign-in risk policy to require that users change their password.
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks
The correct answer to the question is D. Azure AD Identity Protection.
Azure AD Identity Protection is an Azure service that provides a unified approach to detecting and mitigating potential security risks across an organization's hybrid identity infrastructure. It includes features such as user risk policy, sign-in risk policy, and risky user detection, which can help organizations protect their identities and resources.
To ensure that Azure AD users are prompted to change their password when connecting from an anonymous IP address, Azure AD Identity Protection can be used to create a user risk policy. This policy can be configured to prompt users to change their password when a sign-in is detected from an anonymous IP address, which is typically associated with high-risk activities.
Azure AD Connect Health, on the other hand, is a monitoring service that provides insights into the health and performance of an organization's hybrid identity infrastructure. It is not directly related to user authentication or password management.
Azure AD Privileged Identity Management is a service that enables organizations to manage, control, and monitor access to resources within their Azure AD environment. It is primarily focused on managing privileged access to sensitive resources and does not provide features related to password management.
Azure Advanced Threat Protection (ATP) is a security solution that provides threat intelligence and advanced analytics to detect and respond to advanced cyberattacks targeting an organization's hybrid identity infrastructure. While it can help protect against potential security risks, it does not provide features related to password management or user authentication.
In summary, Azure AD Identity Protection is the Azure service that should be used to ensure that Azure AD users are prompted to change their password when connecting from an anonymous IP address.