Alerting– Managing Roles in Microsoft 365

Alerting– Managing Roles in Microsoft 365

PIM also has built-in alerting functions. The alerts are designed to provide notifications if certain risk conditions are detected. Several of the role alerts have sliders for notifications that can be used to tune them for your organization. Alerts are accessed through the Azure portal by going to the Identity Governance | Microsoft Entra roles| Alerts page. By clicking on the gear icon, you can see all of the pre-configured alerts and edit them to your needs, as shown in Figure 3.27:

Figure 3.27 – Viewing PIM Alert settings

Note

Users can only edit and manage pre-configured alerts; creating new alerts is not an option.

PIM is a tool to help reduce the surface area of your organization. By reducing the number of accounts with standing privileges, you can greatly reduce the risks presented by compromised administration accounts.

Summary

In this chapter, you learned about what it means to manage Azure AD from a least-privilege perspective. Reducing the scope and privileges used to administer an environment can greatly reduce the possible impacts of administrative actions—whether they are unintentional or targeted attacks by malicious users.

The next chapter will explore authentication options and configurations in the Microsoft 365 platform.

Exam Readiness Drill – Chapter Review Questions

Benchmark Score: 75%

Apart from a solid understanding of key concepts, being able to think quickly under time pressure is a skill that will help you ace your certification exam. That’s why, working on these skills early on in your learning journey is key.

Chapter review questions are designed to improve your test-taking skills progressively with each chapter you learn and review your understanding of key concepts in the chapter at the same time. You’ll find these at the end of each chapter.

Before You Proceed

You need to unlock these resources before you start using them. Unlocking takes less than 10 minutes, can be done from any device, and needs to be done only once. Head over to thestart of Chapter 7, Managing Security Reports and Alerts by Using the Microsoft 365 Defender Portal in this book for instructions on how to unlock them.

To open the Chapter Review Questions for this chapter, click the following link:

https://packt.link/MS102E1_CH03. Or, you can scan the following QR code:

Figure 3.28 – QR code that opens Chapter Review Questions for logged-in users

Once you login, you’ll see a page similar to what is shown in Figure 3.29:

Figure 3.29 – Chapter Review Questions for Chapter 3

Once ready, start the following practice drills, re-attempting the quiz multiple times:

Exam Readiness Drill

For the first 3 attempts, don’t worry about the time limit.

ATTEMPT 1

The first time, aim for at least 40%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix your learning gaps.

ATTEMPT 2

The second time, aim for at least 60%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix any remaining learning gaps.

ATTEMPT 3

The third time, aim for at least 75%. Once you score 75% or more, you start working on your timing.

Tip

You may take more than 3 attempts to reach 75%. That’s okay. Just review the relevant sections in the chapter till you get there.

Working On Timing

Target: Your aim is to keep the score the same while trying to answer these questions as quickly as possible. Here’s an example of how your next attempts should look like:

Table 3.3 – Sample timing practice drills on the online platform

Note

The time limits shown in the above table are just examples. Set your own time limits with each attempt based on the time limit of the quiz on the website.

With each new attempt, your score should stay above 75% while your time taken to complete should decrease. Repeat as many attempts as you want till you feel confident dealing with the time pressure.

Leave a Reply

Your email address will not be published. Required fields are marked *