SKILL BENCHMARK
AZ-900: Azure Identity and Security Literacy (Beginner Level)
- 30m
- 30 questions
The AZ-900: Azure Identity and Security Literacy (Beginner Level) benchmark measures your knowledge and skills in managing Azure Active Directory (AD). You will be evaluated on your ability to execute user and group management, implement various authentication methods, and enable multi-factor authentication (MFA). A learner who scores high on this benchmark demonstrates that they have literacy in securing Azure networks through network security best practices and configuring Azure network security groups (NSGs) to enforce network-level security policies.
Topics covered
- configure Azure Active Directory (AD) conditional access
- configure Azure authentication so that passwords do not have to be entered
- configure Azure Firewall application rules
- configure Azure Firewall network address translation (NAT) rules
- configure Azure Firewall network rules
- create Azure AD users using a bulk import file
- create dynamic groups memberships for Azure AD users and devices
- demonstrate how to use the portal to manage Azure managed identities
- demonstrate how to use the portal to manage Azure service principles
- describe the process of enabling SSO for Azure services
- describe when passwordless login should be used and how it is enabled
- differentiate between Azure service principals and managed identities
- enable multi-factor authentication (MFA) for Azure AD users
- enable self-service password reset (SSPR) to reduce the help desk burden
- identify when identity federation should be used
- invite external users to participate in Azure AD
- list authentication methods available for Azure users
- manage Azure AD applications
- manage network security groups using PowerShell
- manage network security groups using the CLI
- outline how Azure Firewall provides protection
- outline how network security groups (NSGs) are used
- plan the number and use of Azure Active Directory (AD) tenants and differentiate Azure AD from Azure Active Directory Domain Services (AD DS)
- register a custom DNS name for use with an Azure AD tenant
- use Azure AD administrative units to organize users and groups
- use PowerShell to create and manage Azure AD users
- use PowerShell to navigate Azure AD
- use the Azure portal to create a new Azure AD tenant
- use the CLI to create and manage Azure AD users
- use the CLI to navigate between Azure AD tenants