You have been tasked with applying conditional access policies for your company's current Azure Active Directory (Azure AD).
The process involves assessing the risk events and risk levels.
Which of the following is the risk level that should be configured for users that have leaked credentials?
D
These six types of events are categorized in to 3 levels of risks ג€" High, Medium & Low:
Reference:
http://www.rebeladmin.com/2018/09/step-step-guide-configure-risk-based-azure-conditional-access-policies/
Yes, he's High!
cheers
D. High Note: It is very unlikely the Microsoft will require the memorization of specific risk levels given that they have changed the documentation. Previously the risk levels were very well defined, however they now provide this very vague paragraph: "Microsoft doesn't provide specific details about how risk is calculated. Each level of risk brings higher confidence that the user or sign-in is compromised. For example, something like one instance of unfamiliar sign-in properties for a user might not be as threatening as leaked credentials for another user." Modern Documentation: https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection#investigate-risk Legacy Documentation: https://web.archive.org/web/20190419234045/https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risk-events
Someone confirm if these questions are still on the exam. These are no longer up to date, and now analyzed as Real-Time and Offline.
Use logic and think like a security professional, users with Leaked credentials are always at high risk. Imagine the user is global admin. MFA is there, but still it is high risk. Nothing is secure and privacy is a myth before Advance Persistent Threat.
The risk level that should be configured for users that have leaked credentials in a conditional access policy is High. When a user's credentials are leaked, it means that their username and password have been compromised and are potentially in the hands of an attacker. This puts the user's account and the resources that they have access to at a high level of risk, making it important to apply strict access controls and security measures. By setting the risk level to High, conditional access policies can be configured to enforce stricter security measures, such as requiring multifactor authentication or blocking access to certain resources entirely. Therefore, the correct answer is D. High.
D. High
High is the right answer
D The understanding of the risk should be considered. When credentials are leaked the user is 100% exposed to hack.
HIGH ! D!
D, correct answer!
The question is outdated and not relevant now
D: High
The correct answer is D
D is the answer. https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/security-operations-user-accounts#unusual-sign-ins Leaked credentials user risk detection - Risk Level: High
D. High
Yes, It's High!
If your users credentials are leaked, you are yiffed, so it should always be the highest risk value, in this case "High"