HOTSPOT -
You need to recommend an identity security solution for the Azure AD tenant of Litware. The solution must meet the identity requirements and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Suggested Answer:
Box 1: Azure AD administrative units
Implement delegated management of users and groups in the Azure AD tenant of Litware, including support for:
* The delegation of user management based on business units
Without Azure AD administrative units, assigning a user to the User Administrator role in Azure AD gives them rights to manage all Azure AD users. With administrative units, the user is delegated the same role, User Administrator, but that role only applies to the specified administrative unit. The administrative unit contains the users and groups that are under the scope of management.
Box 2: Enable password hash synchronization in the Azure AD Connect deployment
Existing environment: Azure AD Connect is used to implement pass-through authentication.
Password hash synchronization -
Risk detections like leaked credentials require the presence of password hashes for detection to occur.
Reference:
https://4sysops.com/archives/an-introduction-to-azure-ad-administrative-units/
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks#password-hash-synchronization
This question is in SC-100 Exam
For getting Microsoft Cybersecurity Architect Expert Certificate
Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Microsoft.
The website does not contain actual questions and answers from Microsoft's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to Microsoft.
