Summary and knowledge check

Completed

In this module, you learned how Microsoft 365 implements the principle of Zero Standing Access (ZSA) to protect production environments and customer data using Just-In-Time (JIT) and Just-Enough-Access (JEA).

Now that you have completed this module, you should be able to:

  • List two different types of accounts managed by Microsoft.
  • Name the tools and technologies used to control access within Microsoft 365 environments.
  • Explain mandatory prerequisites for granting service team accounts.
  • Describe Microsoft 365 service teams' privileged access management process.
  • Explain the process for using Microsoft Purview Customer Lockbox.

Check your knowledge

1.

When privileged access is approved through Lockbox, the service team engineer is granted the following access:

2.

When a Customer Lockbox request is approved by the organization, what is the maximum allowed period for access permissions granted to the service team engineer?

3.

What kinds of accounts do Microsoft personnel use to manage Microsoft 365 Services?

4.

What access control tool in Microsoft requires engineers to specify the privileged role, resources, and time required to complete an administrative task as part of requesting JIT access?