Before you start this task, ensure that the template deployment you started in Exercise 1 has completed. The deployment includes an Azure VM named az500-04-vm1.
In the Azure portal, set the Directory + subscription filter to the the Azure AD tenant associated with the Azure subscription into which you deployed the az500-04-vm1 Azure VM.
In the Azure portal, in the Search resources, services, and docs text box at the top of the Azure portal page, type Virtual machines and press the Enter key.
On the Virtual machines blade, click the az500-04-vm1 entry.
On the az500-04-vm1 blade, click Connect and, in the drop down menu, click RDP.
Click Download RDP File and use it to connect to the az500-04-vm1 Azure VM via Remote Desktop. When prompted to authenticate, provide the following credntials:
| Setting | Value |
|---|---|
| User name | Student |
| Password | Pa55w.rd1234 |
Note: Wait for the Remote Desktop session and Server Manager to load.
Note: The following steps are performed in the Remote Desktop session to the az500-04-vm1 Azure VM.
In Server Manager, click Local Server and then click IE Enhanced Security Configuration.
In the Internet Explorer Enhanced Security Configuration dialog box, set both options to Off and click OK.
Start Internet Explorer, click the cog wheel icon in the toolbar, in the drop-down menu, click Safety and then click InPrivate Browsing.
In the InPrivate Internet Explorer window, navigate to the ToR Browser Project at https://www.torproject.org/projects/torbrowser.html.en.
Download and install the Windows version of the ToR Browser with the default settings.
Once the installation completes, start the ToR Browser, use the Connect option on the initial page, and browse to the Application Access Panel at https://myapps.microsoft.com.
When prompted, attempt to sign in with the aaduser3 account.
Note: You will be presented with the message Your sign-in was blocked. This is expected, since this account is not configured with multi-factor authentication, which is required due to increased sign-in risk associated with the use of ToR Browser.
Use the Sign out and sign in with a different account option to sign in as aaduser1 account you created and configured for multi-factor authentication earlier in this lab.
Note: This time, you will be presented with the Suspicious activity detected message. Again, this is expected, since this account is configured with multi-factor authentiation. Considering the increased sign-in risk associated with the use of ToR Browser, you will have to use multi-factor authentication.
Use the Verify option and specify whether you want to verify your identity via text or a call.
Complete the verification and ensure that you successfully signed in to the Application Access Panel.
Close your RDP session.
Note: At this point, you attempted two different sign ins. Next, you will review the Azure Identity Protection reports.