Skip to main content Skip to Ask Learn chat experience

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Download Microsoft Edge More info about Internet Explorer and Microsoft Edge

Achievements

Summary and knowledge check

Completed

5 minutes

In this module, you learned how Microsoft 365 implements the principle of Zero Standing Access (ZSA) to protect production environments and customer data using Just-In-Time (JIT) and Just-Enough-Access (JEA).

Now that you have completed this module, you should be able to:

List two different types of accounts managed by Microsoft.
Name the tools and technologies used to control access within Microsoft 365 environments.
Explain mandatory prerequisites for granting service team accounts.
Describe Microsoft 365 service teams' privileged access management process.
Explain the process for using Microsoft Purview Customer Lockbox.

Check your knowledge

When privileged access is approved through Lockbox, the service team engineer is granted the following access:

Just-In-Time

Standing access

Limited group access

When a Customer Lockbox request is approved by the organization, what is the maximum allowed period for access permissions granted to the service team engineer?

4 hours

8 hours

24 hours

What kinds of accounts do Microsoft personnel use to manage Microsoft 365 Services?

Service accounts

Service team accounts

Customer accounts

What access control tool in Microsoft requires engineers to specify the privileged role, resources, and time required to complete an administrative task as part of requesting JIT access?

Role-Based Access Control

Multi-factor authentication

Secure Access Workstations

Lockbox

You must answer all questions before checking your work.

Feedback

Was this page helpful?

en-us

Your Privacy Choices

Previous Versions
Blog
Contribute
Privacy
Terms of Use
Trademarks