Hello and welcome back. What we're going to do here in this quick demonstration is walk through the process of enabling the user risk policy. Now, on the screen here, I am logged into my Azure portal for the Berks Builders Organization. I am logged in as the global admin. To set up the user risk policy, what we're going to do here is go into 'Azure Active Directory', and then from Azure Active Directory we're going to go down here to 'Security'. Now, once we're in Security here, we have a couple of options under Protect.

We can configure Conditional Access, configure Identity Protection, we can access Security Center, and we can do some other stuff here down the left-hand navigation side. What we're going to do here is go into 'Identity Protection'. And then once we're in the overview page for Identity Protection, we can, under Protect here, configure the user risk policy, a sign-in risk policy, or the MFA registration policy. These are the three default policies we talked about. What we'll do here is select 'User risk policy'. And remember, I mentioned that there isn't a whole lot to configure with these default policies, and that's what you're seeing here. You can configure the Assignments, essentially who gets the policy, you can specify the user risk, and you can configure the controls, what happens when this policy fires.

And then, of course, you can turn the policy on and off. If we select 'All users' here, you can see we can either keep it set for All users or we can Select individual users and groups, or we can actually Exclude users and groups as well. We'll leave this default setting here to All users. And then what we'll do here is we'll hover over user risk here, and we can see here, what this tells us is that user risk that we define here is the likelihood that a user account is compromised. So, if we select 'Low and above', what we can do is configure the user risk level that's needed for the policy to get enforced. We have a couple of options here. We have Low and above, Medium and above, and High. Now, as I mentioned earlier in the course, the higher the risk here, the higher the confidence that there's a problem.

So, if you select 'Low and above' here, you may get some false positives. If you select 'Medium and above', there will be fewer false positives. And then if you select 'High' here, there will be very, very few, if any, false positives. Because it's at this point, if it's identified as a high-risk, Identity Protection is pretty sure it's actually a risk. What we'll do for this demo is just leave it here at Low and above. And then in the Controls here, if we highlight this icon, we can see this is where we can select the Controls to require for access grant. The default here is Block access. Selecting it takes us over into the Access selection pane, where we can Block access or we can Allow access. We can also require a password change if we're going to allow access. We'll leave this set here for Allow access and require a password change. And then what we can do here is turn the policy on and save it. And that's it. That's how you configure the default user risk policy in as your Identity Protection.