Microsoft Azure Fundamentals AZ-900
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A multinational corporation with offices in multiple countries is implementing Microsoft Entra Conditional Access to strengthen its security framework. The corporation faces the challenge of ensuring secure access to its resources, requiring a solution that adapts to various factors such as the user's geographical location, the compliance status of the accessing device, and the sensitivity level of the application in question. The IT department is particularly concerned about unauthorized access from untrusted locations and insists on a solution that not only enforces device compliance for accessing sensitive applications but also remains cost-effective and scalable for future expansion. Considering these requirements, which of the following statements accurately describes the capabilities of Microsoft Entra Conditional Access in addressing the corporation's needs? (Choose two options.)
A
Conditional Access is capable of enforcing device compliance checks and supports location-based policies, but it cannot differentiate between applications based on their sensitivity levels, thus only partially fulfilling the corporation's requirements.
B
Conditional Access offers comprehensive dynamic access controls that can assess user location, device compliance, and application sensitivity in real-time, enabling the creation of policies that restrict access from untrusted locations unless the device is compliant and the application is not deemed sensitive.
C
Conditional Access is designed to evaluate and enforce policies based on user location, device compliance, and application sensitivity, providing a holistic approach to secure access that meets all of the corporation's specified requirements.
D
Conditional Access primarily focuses on application sensitivity and lacks the functionality to enforce access controls based on user location or device compliance, which are essential for the corporation's security strategy.
E
Conditional Access can dynamically enforce access controls based on a combination of user location, device compliance, and application sensitivity, but it requires additional Azure services to fully meet the corporation's scalability and cost-effectiveness requirements.