Interview: Azure Fundamentals_Part 5
Azure Active Directory (Azure AD) provides identity services that enable your users to sign in and access both Microsoft cloud applications and cloud applications that you develop.Azure AD supports single sign-on (SSO).
A tenant is a representation of an organization. A tenant is typically separated from other tenants and has its own identity.
How can I connect Active Directory with Azure AD?
Azure AD Connect
Azure AD Multi-Factor Authentication
Multifactor authentication provides additional security for your identities by requiring two or more elements to fully authenticate.
These elements fall into three categories:
- Something the user knows — email address and password.
- Something the user has — a code that’s sent to the user’s mobile phone.
- Something the user is — fingerprint or face scan
What’s Conditional Access?
Conditional Access is a tool that Azure Active Directory uses to allow (or deny) access to resources based on identity signals. These signals include who the user is, where the user is, and what device the user is requesting access from.
Conditional Access helps IT administrators:
- Empower users to be productive wherever and whenever. — For example, a user might not be challenged for second authentication factor if they’re at a known location.
- Protect the organization’s assets — If the user is signing in from an unusual location or a location that’s marked as high risk, then access might be blocked entirely
Build a cloud governance strategy on Azure
- Accelerate your cloud adoption journey by using the Cloud Adoption Framework for Azure
What’s in the Cloud Adoption Framework?
The Cloud Adoption Framework consists of tools, documentation, and proven practices. The Cloud Adoption Framework includes these stages:
- Define your strategy.
- Make a plan.
- Ready your organization.
- Adopt the cloud.
- Govern and manage your cloud environments.
2. Create a subscription governance strategy
3 . Control access to cloud resources by using Azure role-based access control
4. Prevent accidental changes by using resource locks
5 . Organize your Azure resources by using tags
6. Control and audit your resources by using Azure Policy
7. Govern multiple subscriptions by using Azure Blueprints