You won't find any records in the event log about auth policies, so you can ignore that part. Other than that, I'm not entirely sure what exactly you are looking for, as just the transport pipeline can take several pages to describe properly...
Azure Active Directory Security and Office 365 Interaction Chart
I am doing my annual security audit (a few days late) and was wondering if anyone has put together a chart showing the interaction between the various elements of Azure Active Directory as it relates to Office 365. There are so many layers when we consider:
- Azure conditional access policies,
- Exchange mail flow and spam rules,
- Windows Defender Advanced Threat Protection (Enterprise E5 users)
- Cloud App security policies and notification rules
Not to mention the authentication policies I have in place for Exchange Online, MFA policies, on and on. I have a good handle on how it all works together, but have never put together a chart showing the interaction of the various elements and the order of application. For example, in Exchange Online the authentication policy comes first, with MFA, then the conditional access policy. For a CA rule blocking sign on from a restricted region, the flow goes through the authentication policy, then MFA, then to the CA policy. Alerts fire according to the Cloud App Security policy in the first step.
2 answers
Jim Hill 96 Reputation points
2020-01-02T18:21:14.107+00:00 I will just put together a brief, written summary and use that in my audit. Thanks for your reply.