Microsoft Exam AZ-100 Topic 6 Question 1 Discussion

Actual exam question for Microsoft's AZ-100 exam

Question #: 1
Topic #: 6

You have an Azure Active Directory (Azure AD) tenant.

You have an existing Azure AD conditional access policy named Policy1. Policy1 enforces the use of Azure AD-joined devices when members of the Global Administrators group authenticate to Azure AD from untrusted locations.

You need to ensure that members of the Global Administrators group will also be forced to use multi-factor authentication when authenticating from untrusted locations.

What should you do?

AFrom the Azure portal, modify session control of Policy1

BFrom the multi-factor authentication page, modify the service settings

CFrom the multi-factor authentication page, modify the user settings

DFrom the Azure portal, modify grant control of Policy1

Show Suggested Answer

Suggested Answer: D

There are two types of controls:

Grant controls -- To gate access

Session controls -- To restrict access to a session

Grant controls oversee whether a user can complete authentication and reach the resource that they're attempting to sign-in to. If you have multiple controls selected, you can configure whether all of them are required when your policy is processed. The current implementation of Azure Active Directory enables you to set the following grant control requirements:

References:

https://blog.lumen21.com/2017/12/15/conditional-access-in-azure-active-directory/

by Paris at Jul 23, 2022, 08:52 PM

Limited Time Offer

25%

Off

Get Premium AZ-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!