Practice Test
True or False: An external user in the Azure Active Directory is lesser privileged than an internal user.
- Answer: False
Explanation: External users have identical capabilities as home tenant users but this entirely depends on the access permissions and roles assigned to them by the administrator.
In Azure AD, which one of the following does not relate to external identities?
- a) B2B collaboration
- b) Guest access
- c) B2C collaboration
- d) Managed identities
Answer: d) Managed identities
Explanation: Managed identities in Azure are identities created and managed by Azure that do not require user intervention. They do not fit the definition of external identities.
True or False: You need an Azure subscription to invite a guest user to your Azure AD.
- Answer: False
Explanation: Generally, you only need Azure AD to invite guest users.
What can be done through Azure AD B2B collaboration?
- a) Invite users by sending an email invitation
- b) Accept a link from an invitation in email
- c) Permit external users to create their own accounts
- d) All of the above
Answer: d) All of the above
Explanation: Azure AD B2B collaboration facilitates all these functionalities.
True or False: Guest users in Azure AD have the same access rights as member users.
- Answer: True
Explanation: By default, a guest user has the same basic permissions to read directory data as any other Azure AD user.
Which feature in Azure facilitates granting limited access to your Azure AD?
- a) Azure AD B2C
- b) Guest access
- c) Managed identities
- d) Azure AD B2B
Answer: b) Guest access
Explanation: Guest access allows you to open up your application to any user, while limiting their access and capabilities.
True or False: Azure Active Directory external identities require an identity provider.
- Answer: True
Explanation: Azure Active Directory external identities leverage identity providers like Microsoft Account, Google, Facebook, etc., to simplify the sign up and sign in process for your applications.
Azure AD B2B collaboration simplifies the management of:
- a) External identities
- b) Internal identities
- c) Managed identities
- d) User-assigned identities
Answer: a) External identities
Explanation: Azure AD B2B collaboration simplifies the management of external identities.
True or False: You can use Azure Active Directory B2C to provide identity and access management solutions for your consumer-facing applications.
- Answer: True
Explanation: Azure AD B2C is a customer identity access management solution, used to provide identity service for your consumer-facing web and mobile applications.
What is not a feature of Azure Active Directory B2C?
- a) Customer sign up
- b) Customer sign in
- c) Profile management
- d) Backups and restore
Answer: d) Backups and restore
Explanation: Backups and restore is not a standard feature of Azure AD B2C. It’s more about identity and access management than storage or backup.
Interview Questions
What is an external identity in Azure Active Directory?
An external identity in Azure Active Directory refers to the identity of a user from outside an organization. These can be customers, vendors, partners who have their own Azure Active Directory and they need to access resources of your Azure Active Directory.
How does Azure handle guest access?
Azure handles guest access through a service known as Azure Active Directory B2B (Business To Business). This service allows you to invite external users to your organization’s applications and services while maintaining control over your corporate data.
Can an external user be given the same permissions as an internal user in Azure?
Yes, external users also known as guest users, can be granted nearly all the same permissions as internal users in Azure depending upon the discretion of the admin.
What is collaboration in Azure Active Directory?
Collaboration in Azure Active Directory is the concept of sharing your application resources with users who exist outside your Azure Active Directory.
What is the scope of a guest user in Azure AD (Active Directory)?
A guest user in Azure AD is normally limited to fewer capabilities than a member user. However, an Azure AD admin can grant more permissions to a guest user including the ability to create and manage resources within Azure AD.
What is Azure Active Directory B2B?
Azure Active Directory (Azure AD) B2B collaboration is a service that simplifies the sharing of your app resources with users outside your organization while maintaining control over your corporate data.
What is Azure AD (Active Directory) B2C?
Azure AD B2C is a customer identity and access management solution. It allows you to customize and control how customers can sign up, sign in, and manage their profiles when using your applications.
How does Azure ensure secure guest access?
Azure ensures secure guest access through identity governance and conditional access policies. Administrator can impose restrictions like Multi-factor Authentication (MFA) on guest users and monitor their activities to ensure secure access.
How does a guest user accept an invitation in Azure AD?
An external user accepts an invitation by clicking on the invitation link that they receive in the invitation email. Upon clicking the link, they will be led through the process of verifying their information and accessing the shared resources.
Can you remove a guest user from Azure Active Directory?
Yes, an admin can remove a guest user from Azure Active Directory. The removal process may vary depending on whether the guest user was invited through Azure AD B2B collaboration or added directly.
What is the purpose of Azure Active Directory external identities?
The main purpose of Azure Active Directory External Identities is to secure and manage identities from any external directory or identity provider. This simplifies access for external users and keeps the organization’s data secure.
How is licensing managed for external users in Azure?
Licensing for external users in Azure is managed through Azure Active Directory External Identities pricing. This enables per-user or MAU-based (monthly active users) billing to suit different scenarios.
How can you restrict access to Azure resources for guest users?
You can restrict access to Azure resources for guest users using Azure’s conditional access policies. This enables you to impose conditions and rules, like requiring multi-factor authentication, for accessing certain resources.
Is it possible to automate the process of inviting guest users in Azure AD?
Yes, it is possible to automate the process of inviting guest users in Azure AD using PowerShell scripts or through the Microsoft Graph API.
How is secure collaboration enabled in Azure AD?
Secure collaboration in Azure AD is enabled through features like Azure AD B2B, which allows safe sharing of resources with external users, and Azure AD B2C, which allows identity management for consumer-facing applications. Azure also offers robust identity governance and security features to enforce secure access.
extutorials.com