Microsoft Entra ID
& Identity
& Identity
An object that can be authenticated in Microsoft Entra ID.
What is an identity?
A logical container that holds Azure resources which share the same lifecycle.
What is a resource group?
The primary boundary that defines a private IP address space in Azure.
What is a virtual network (VNet)?
The Azure feature that connects two VNets using the Microsoft backbone.
What is VNet peering?
The browser-based environment that provides Bash or PowerShell without local installation.
What is Azure Cloud Shell?
This type of user is commonly created when inviting someone from another organization
What is a guest (B2B) user?
The Azure feature that enforces rules such as allowed locations or required
What is Azure Policy?
The notation used to describe the size of an IP address range, such as /16 or /24.
What is CIDR notation
A key limitation of VNet peering that requires explicit configuration.
What is non-transitive connectivity?
The Azure deployment model that uses declarative JSON templates.
What is Azure Resource Manager (ARM)?
Two Microsoft Entra ID group membership types that automatically add or remove members.
What are assigned and dynamic memberships?
A grouping of multiple Azure Policy definitions managed as a single unit.
What is an initiative?
Five IP addresses in every subnet are reserved by Azure for platform use.
What happens to the first four and last IP addresses in a subnet
This routing type is automatically created by Azure and cannot be deleted.
What are system-defined routes?
The section of an ARM template that defines which Azure resources are deployed.
What is the resources section?
This Entra ID feature allows users to reset their passwords after verifying authentication methods.
What is Self-Service Password Reset (SSPR)?
The built-in Azure role that can create and manage resources but cannot grant access.
What is the Contributor role?
This Azure object filters inbound and outbound traffic using rules at Layer 4.
What is a Network Security Group (NSG)?
This routing method allows traffic to be directed through a virtual appliance.
What are user-defined routes (UDRs)?
An infrastructure-as-code language that simplifies ARM JSON syntax.
What is Bicep?
The Entra ID plan required for Privileged Identity Management (PIM).
What is Microsoft Entra ID P2?
The highest scope in the Azure hierarchy above subscriptions, used for policy and RBAC inheritance.
What is a management group?
A logical grouping of virtual machines that can be used as a source or destination in NSG rules.
What is an Application Security Group (ASG)?
A hub-and-spoke design technique that uses UDRs to send traffic through a central appliance.
What is service chaining?
The ARM template elements that prompt for values such as usernames or passwords at deployment time.
What are parameters?