Summary– Planning and Implementing Authentication


In this chapter, you learned how to evaluate password-less sign-in options for your organization and deploy the ones that best suit your needs. Some password-less options, such as Windows Hello or FIDO2 keys, may require specialized hardware such as cameras, USB devices, or fingerprint readers, while the Microsoft Authenticator app method requires only the Microsoft Authenticator app on any supported Android or iOS-based device.
You also learned about deploying features such as SSPR and Azure AD Password Protection to further reduce administrative overhead and help your organization comply with security policies.
In the next chapter, we’ll learn about implementing secure access in the context of Microsoft 365.
Knowledge check
In this section, we’ll test your knowledge of some key elements from this chapter.
Questions

  1. Which password-less option supports the broadest array of devices?
    • FIDO2 security token
    • OATH token
    • Microsoft Authenticator app
    • Windows Hello for Business
  2. The _______________ is used to enable the Microsoft Authenticator app as an authentication method.
    • Authentication context
    • Authentication method
    • Authentication policy
    • Authentication registration
  3. Identify the password-less options based on public key cryptography principles.
    • Microsoft Authenticator app
    • Windows Hello for Business
    • FIDO2 security key
    • Federation
  4. Generally, before a user can register a FIDO2 security token for password-less authentication, what must they do?
    • Establish a PIN
    • Establish a second factor of authentication
    • Answer a security question
    • Restart their device
  5. You have been instructed to deploy a platform-based password-less solution. Which option meets the criteria?
    • Microsoft Authenticator app
    • FIDO2 security token
    • OATH token
    • Windows Hello for Business
    Answers
    C: Microsoft Authenticator
    C: Authentication policy
    A: Microsoft Authenticator app; B: Windows Hello for Business; C: FIDO2 security key
    B: Establish a second factor of authentication
    D: Windows Hello for Business

Leave a Reply

Your email address will not be published. Required fields are marked *