Security and Identity Foundations Word Search
MediumFind each term hidden in the grid. Selecting a word reveals its definition and a link to study it in depth.
A
U
T
H
O
R
I
Z
A
T
I
O
N
M
I
X
K
C
O
T
S
W
S
S
O
A
R
S
L
B
U
W
O
D
D
O
Q
I
F
T
F
D
T
C
L
J
H
N
P
W
B
K
Y
A
U
M
X
U
Y
J
S
K
D
L
R
E
D
N
E
F
E
D
S
E
S
T
K
I
O
B
E
N
F
B
Z
H
T
W
L
C
L
T
T
R
Q
S
M
U
V
O
J
Q
M
M
O
X
A
I
M
E
S
I
R
P
R
E
T
N
E
R
T
N
O
V
T
Y
K
S
I
R
K
L
D
A
E
A
D
N
H
Z
E
Y
K
M
P
T
E
F
E
L
Y
O
A
K
I
N
T
S
U
R
T
I
G
X
L
R
V
L
C
N
X
F
E
N
B
X
G
D
F
U
V
N
O
I
T
A
C
I
T
N
E
H
T
U
A
E
Z
S
O
N
S
D
I
Z
C
J
C
M
D
A
R
Q
H
M
I
P
N
W
V
I
N
I
D
S
A
Drag across letters, or tap the first and last letter. On a keyboard, use arrows + Enter.
Terms in this set
- Zero Trust Zero Trust is a security strategy built on three guiding principles: verify explicitly, use least-privilege access, and assume breach.
- Authorization Authorization is the process of determining what an authenticated identity is allowed to do, typically enforced through roles, permissions, and group memberships.
- Authentication methods Authentication is the process of proving a user's identity, using methods such as passwords, the Microsoft Authenticator app, FIDO2 security keys, Windows Hello, and passkeys.
- Multifactor authentication (MFA) MFA requires a user to provide two or more verification factors — something they know, have, or are — before access is granted.
- Single sign-on (SSO) SSO lets a user authenticate once with Microsoft Entra ID and then access multiple connected applications without signing in again.
- Conditional Access Conditional Access is a Microsoft Entra ID feature that enforces access policies using if-then rules combining signals such as user, device, location, and risk with controls like requiring MFA.
- Risky sign-ins Risky sign-ins are authentication attempts that Microsoft Entra ID Protection flags as suspicious, such as sign-ins from anonymous IPs, atypical travel, or leaked credentials.
- Identity Secure Score Identity Secure Score is a percentage in Microsoft Entra ID that shows how closely a tenant's identity configuration aligns with Microsoft's security best practices.
- Audit logs Audit logs record user and admin activity across Microsoft 365 and Microsoft Entra, providing a searchable history for security investigations and compliance.
- Privileged Identity Management (PIM) PIM is a Microsoft Entra ID Governance feature that provides time-based and approval-based activation of privileged roles to limit standing administrative access.
- Microsoft Defender XDR Microsoft Defender XDR is a unified enterprise defense suite that coordinates detection, investigation, and response across endpoints, identities, email, and apps from the Microsoft Defender portal.
- App registrations and Enterprise applications An app registration creates the global application object (the app's identity blueprint) in its home tenant, while an enterprise application is the local instance (service principal) in a specific tenant where admins manage that app's access, consent, and SSO.