Discover how to reduce unnecessary alerts and improve security by modifying Azure AD Privileged Identity Management alerts, focusing on potential state accounts in privileged roles.
Table of Contents
Question
You have a Azure subscription.
You enable Azure Active Directory (Azure AD) Privileged identify (PIM).
Your company’s security policy for administrator accounts has the following conditions:
- The accounts must use multi-factor authentication (MFA).
- The account must use 20-character complex passwords.
- The passwords must be changed every 180 days.
- The account must be managed by using PIM.
You receive alerts about administrator who have not changed their password during the last 90 days.
You need to minimize the number of generated alerts.
Which PIM alert should you modify?
A. Roles don’t require multi-factor authentication for activation.
B. Administrator aren’t using their privileged roles
C. Roles are being assigned outside of Privileged identity Management
D. Potential state accounts in a privileged role.
Answer
D. Potential state accounts in a privileged role.
Explanation
The correct answer is D. Potential stale accounts in a privileged role.
The alert for “Potential stale accounts in a privileged role” is designed to notify administrators when there are accounts in privileged roles that have not had their passwords changed within a specified time frame. Since the company’s security policy requires passwords to be changed every 180 days, receiving alerts about administrators who have not changed their passwords in the last 90 days may be unnecessary and contribute to alert fatigue. By modifying this alert’s settings, you can adjust the threshold to match the company’s policy of 180 days, thereby reducing the number of generated alerts.
To modify this alert, you would follow these steps:
- Sign in to the Microsoft Entra admin center as at least a Privileged role administrator.
- Browse to Identity governance > Privileged Identity Management > Azure resources.
- Select your subscription > Alerts > Setting.
- Customize settings on the “Potential stale accounts in a privileged role” alert to change the password age threshold to 180 days.
This adjustment ensures that alerts are generated only when administrators are approaching or have exceeded the company’s required password change interval, aligning with the security policy and minimizing unnecessary alerts.
Reference
- Azure > Active Directory > Privileged Identity Management > Configure security alerts for Azure AD roles in Privileged Identity Management
The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.
