MFA
AD FS
Microsoft Entra
PAM
50

What does MFA Stand For?

Multi-Factor Authentication

Two factor or Three factor Authentication is a log in authentication to log into users accounts 


50

What does AD FS stand for

Active Directory Federation Services

AD FS has seamless access to multiple Applications without repeated Logins. 

50

What phrase does Zero Trust teach?

Never Trust, Always Verify 

Zero trust assumes that each request needs to be verify as its from an unsecured network.

50

What does PAM stand for?

Privileged Access Management

PAM helps to right size user accounts security. 

100

Name a Pro and Con of MFA?

Pros: Extra Security, Reduce Account takeovers, Protections against Password based threats

Helps Users secure accounts from threats.

Cons: External Factors, Lock out without device, User Complexity

Causes an increase of user related Issues related to MFA.

100

What is the Primary purpose of Active Directory Federation Services

To provide single sign-on access for both Windows and non-Windows applications 

100

What does CBA stand for?

Certificate-based authentication

CBA creates a digital identification and uses it for authentication. 

100

What is the parameter that defines how long a user is added

MemberTimeToLive

When using Add-ADGroupMember this can be useful when only needed to add the person to the group for a limited time frame.

150

Name one of three ways to use MFA in Active Directory on Window Server?

Active Directory AF , Microsoft Entra, RADIUS

Third party software is also supported in window server. 


150

What is the job of a Federation Server in AD FS?

The Federation Server issues security tokens that enables trusted connections between organizations.

150

What Certificate does Microsoft Entra use to Authenticate?

X.509 Certificate

Contains two things: 

A Public Key 

And an Identity (hostname , Organization) 

150

What is Privileged Access Management and why is it important?

PAM consists of principals like Just In Time (making users only have the permissions they require for a specific amount of time) and Just Enough Access (making sure that users only have the permissions they require at that time, and nothing more) to enhance user security in a domain environment.

200

Name the one of the tokens to log in with MFA?

Physical token: Devices, Security tokens

Invisible Token: Password, Pins

Identity Token: Biometrics

For Authentication it breaks it down into three tokens 

something that you have - Physical Token 

Something that you  know - Invisible Token 

Something that you are - Identity Token 

200

Name 1 to 3 of the challenges organizations might face while using AD FS?

High setup and maintenance cost, complex hardware configurations, and lack of security against modern threats

200

What phrase helps remember authentication methods for Microsoft Entra?

Something you know - Password, Pins 

something you have - Device, Security Token 

something you are - Biometrics

This is the key understanding of Authentication at the base level. 

200

What is "Just-In-Time" access, and why is it important?

JIT access limits how long users have access to certain tasks, and is important as it lowers the chances of privilege abuse or exploitation.