In the context of enhancing cybersecurity measures for the Litware.com forest, you are asked to develop a security strategy that aligns with specific identity requirements. These requirements are:

The ability to detect brute force attacks aimed directly at Active Directory Domain Services (AD DS) user accounts.

The implementation of leaked credential detection within Litware's Azure Active Directory (Azure AD) tenant.

Measures to ensure that AD DS user accounts are not locked out due to brute force attacks targeting Azure AD user accounts.

What should be included in your recommended strategy?

Exam-Like

Explanation:

To secure the litware.com forest and meet the identity requirements:

Azure AD Identity Protection: This helps implement leaked credential detection in the Azure AD tenant of Litware.
Microsoft Defender for Identity: This detects brute force attacks that directly target AD DS user accounts. It also helps prevent AD DS user accounts from being locked out by brute force attacks that target Azure AD user accounts.

While 'Microsoft Defender for Cloud' and 'An account lockout policy in AD DS' provide some protection, they do not fulfill the specific identity requirements as effectively as Azure AD Identity Protection and Microsoft Defender for Identity.

Powered ByGPT-5

Microsoft Cybersecurity Architect Expert SC-100

Get started today

Microsoft Cybersecurity Architect Expert SC-100

Get started today