📋 Identity & Access Security Cheat Sheet

Key identity security concepts for AZ-500 security engineers.

Conditional Access

  • Signals: user/group, location, device state, application, sign-in risk, user risk.
  • Grant controls: require MFA, compliant device, approved app, password change.
  • Session controls: sign-in frequency, persistent browser, app-enforced restrictions.
  • Report-only mode: test policies without enforcing; review impact in sign-in logs.

Privileged Access

  • PIM: just-in-time activation that requires approval, is time-limited, and is audited.
  • Access reviews: periodic certification of role assignments.
  • Emergency access accounts: break-glass accounts excluded from Conditional Access.
  • Managed identities: system-assigned or user-assigned; eliminate credential management.
