Azure Active Directory Identity Protection - Configuration for User Risk and Sign-in Risk Policies

Implementing Azure AD Identity Protection for User and Sign-in Risk Policies

Prev Question Next Question

Question

You have an Azure subscription linked to an Azure Active Directory Premium Plan 1 tenant.

You plan to implement Azure Active Directory (Azure AD) Identity Protection.

You need to ensure that you can configure a user risk policy and a sign-in risk policy.

What should you do first?

Answers

A. Purchase Azure Active Directory Premium Plan 2 licenses for all users.

B. Register all users for Azure Multi-Factor Authentication (MFA).

C. Enable security defaults for Azure AD.

D. Upgrade Azure Security Center to the standard tier.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-risk-based-sspr-mfa

To implement Azure Active Directory (Azure AD) Identity Protection and configure a user risk policy and a sign-in risk policy, you should first enable Azure AD Identity Protection in your Azure subscription. Azure AD Identity Protection is a service that provides a set of capabilities to detect and mitigate potential identity-based risks.

To enable Azure AD Identity Protection, follow these steps:

Sign in to the Azure portal (https://portal.azure.com).
Select the Azure AD tenant that is linked to your Azure subscription.
In the left-hand menu, click on "Azure AD Identity Protection".
Click on the "Get started" button to enable Azure AD Identity Protection for your tenant.

Once you have enabled Azure AD Identity Protection, you can configure user risk policies and sign-in risk policies to help protect your organization's resources.

A user risk policy allows you to define actions to be taken when a user's risk level exceeds a certain threshold. For example, you can require the user to reset their password or perform additional authentication steps before accessing sensitive resources.

A sign-in risk policy allows you to define actions to be taken when a sign-in attempt is deemed risky. For example, you can require multi-factor authentication (MFA) or block access to the resource altogether.

It is important to note that Azure AD Premium Plan 1 is sufficient for implementing Azure AD Identity Protection and configuring user risk policies and sign-in risk policies. You do not need to purchase Azure AD Premium Plan 2 licenses for all users.

Azure Multi-Factor Authentication (MFA) is a useful security measure that can help prevent unauthorized access to your organization's resources. However, it is not required to enable Azure AD Identity Protection and configure user risk policies and sign-in risk policies.

Enabling security defaults for Azure AD is a good security practice, but it is not directly related to implementing Azure AD Identity Protection and configuring user risk policies and sign-in risk policies.

Upgrading Azure Security Center to the standard tier is also a good security practice, but it is not directly related to implementing Azure AD Identity Protection and configuring user risk policies and sign-in risk policies.

Prev Question Next Question