Implementing the Azure AD Identity Protection service
We need solutions that provide remediation actions based on threat intelligence insights. Using policies, we can detect and respond to identity-based threats automatically; this allows us to react more quickly and does not rely on a human operator intervening.
This recipe will teach you how to implement Azure AD Identity Protection in your environment's Azure AD tenant.
We will take you through setting up risk policies, MFA registration policies, investigation, reports, and how to remediate identified risks.
Getting ready
This recipe requires the following:
- A device with a browser, such as Edge or Chrome, to access the Azure portal: https://portal.azure.com
- You should sign in to the Azure portal with an account with the Global Administrator role
- You will require Azure AD Premium licenses or trial licenses
How to do it…
This recipe consists of the following task:
- Configuring Identity Protection
Task – configuring Identity Protection
Perform the following steps:
- From the Azure portal, go to Azure Active Directory, click Security in the Manage section from the side menu, and then click Identity Protection in the Protect section.
- From the Identity Protection blade, click User risk policy:
Figure 1.37 – User risk policy
- From Assignments, click All users, review the available options, and select the users or groups the policy should apply to. You can set it to include or exclude users and groups.
- From User risk, select the risk level at which the policy is enforced: High, Medium and above, or Low and above. Then, click Done.
- Under Controls, click Block access from the Access section and select the control to be enforced. You can set it to Block access, or to Allow access with Require password change. Then, click Done:
Figure 1.38 – User risk policy settings screen
- Select On under Enforce policy, and then click Save.
- Complete the same steps but this time for Sign-in risk policy:
Figure 1.39 – Sign-in risk policy settings screen
With that, you have configured Identity Protection. This concludes the hands-on tasks for this recipe.
How it works…
This recipe looked at how to implement Azure AD Identity Protection.
A risk policy monitors for identity risks at or above the level you selected. When a risk is detected, the policy enforces the remediation controls that have been set, such as blocking access, or allowing access but requiring the user to change their password (for user risk) or complete MFA (for sign-in risk).
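The following Python is an added example, not code from the book or from Microsoft, showing how the portal choices above map onto the Microsoft Graph objects behind them. It builds the body of a risk-based Conditional Access policy (the object accepted by `POST /identityConditionalAccess/policies`) for a given risk threshold and control, and evaluates a constructed sample of risky users, in the shape returned by `GET /identityProtection/riskyUsers`, to show which accounts a policy at each threshold would act on. The policy names, the sample users and the break-glass account placeholder are assumptions; it does not call Graph, so it runs offline.

```python
"""Map the Identity Protection risk thresholds from the recipe
(High / Medium and above / Low and above) onto a Conditional Access policy
body and onto a sample batch of risky users. Added example; no Graph calls."""
import json

# Portal threshold labels and the Graph riskLevel values each one covers.
THRESHOLDS = {
    "High": ("high",),
    "Medium and above": ("medium", "high"),
    "Low and above": ("low", "medium", "high"),
}

# Placeholder (assumption): object ID of an emergency-access account that
# should never be locked out by a risk policy.
BREAK_GLASS_ACCOUNT = "<break-glass-account-object-id>"


def levels_at_or_above(threshold: str) -> list:
    """Return the riskLevel values a portal threshold label enforces on."""
    return list(THRESHOLDS[threshold])


def build_risk_policy(name: str, risk_type: str, threshold: str, control: str) -> dict:
    """Build the JSON body for POST /identityConditionalAccess/policies.

    risk_type: "user" (user risk policy) or "signIn" (sign-in risk policy).
    control:   "block", "passwordChange" (user risk) or "mfa" (sign-in risk).
    A passwordChange grant has to be paired with mfa under an AND operator.
    """
    if risk_type not in ("user", "signIn"):
        raise ValueError("risk_type must be 'user' or 'signIn'")
    if control == "block":
        grant = {"operator": "OR", "builtInControls": ["block"]}
    elif control == "passwordChange":
        grant = {"operator": "AND", "builtInControls": ["mfa", "passwordChange"]}
    elif control == "mfa":
        grant = {"operator": "OR", "builtInControls": ["mfa"]}
    else:
        raise ValueError("control must be 'block', 'passwordChange' or 'mfa'")
    return {
        "displayName": name,
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": ["All"], "excludeUsers": [BREAK_GLASS_ACCOUNT]},
            "applications": {"includeApplications": ["All"]},
            # userRiskLevels or signInRiskLevels, matching the portal threshold
            f"{risk_type}RiskLevels": levels_at_or_above(threshold),
        },
        "grantControls": grant,
    }


# Constructed sample in the shape of GET /identityProtection/riskyUsers items.
SAMPLE_RISKY_USERS = [
    {"userPrincipalName": "alice@contoso.example", "riskLevel": "high", "riskState": "atRisk"},
    {"userPrincipalName": "bob@contoso.example", "riskLevel": "medium", "riskState": "atRisk"},
    {"userPrincipalName": "carol@contoso.example", "riskLevel": "low", "riskState": "atRisk"},
    # Already remediated: a policy takes no further action on this user.
    {"userPrincipalName": "dave@contoso.example", "riskLevel": "high", "riskState": "remediated"},
]


def users_hit_by_policy(risky_users: list, threshold: str) -> list:
    """Return the UPNs a user risk policy at this threshold would act on.

    Only users whose riskState is still atRisk or confirmedCompromised count;
    remediated, dismissed or confirmedSafe users are not re-challenged.
    """
    covered = set(levels_at_or_above(threshold))
    active = ("atRisk", "confirmedCompromised")
    return sorted(
        u["userPrincipalName"]
        for u in risky_users
        if u["riskLevel"] in covered and u["riskState"] in active
    )


if __name__ == "__main__":
    policy = build_risk_policy("User risk - medium and above", "user",
                               "Medium and above", "passwordChange")
    print(json.dumps(policy, indent=2))
    for label in THRESHOLDS:
        print(label, "->", users_hit_by_policy(SAMPLE_RISKY_USERS, label))
```

Excluding an emergency-access account from every risk policy is the safeguard a practitioner wants here: a policy that blocks high-risk users with no exclusion can lock the last Global Administrator out of the tenant.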
See also
Should you require further information, you can refer to the following Microsoft Learn articles:
- Manage Azure AD Identity Protection: https://learn.microsoft.com/en-us/training/modules/manage-azure-active-directory-identity-protection
- Azure Active Directory fundamentals documentation: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals