Answer-first summary for fast verification
Answer: Use Conditional Access policies in Azure AD to require MFA for specific applications or resources based on user attributes or risk factors.
Option C is the correct answer. Using Conditional Access policies in Azure AD allows for the enforcement of MFA based on specific conditions, such as the sensitivity of the resource being accessed or the risk factors associated with the user or sign-in context. This approach provides a flexible and secure way to enforce MFA without requiring manual intervention. Enabling MFA for all users may not be necessary and can impact the user experience. Creating a custom policy using the Graph API or manually enforcing MFA for each user is not scalable and may not provide the same level of flexibility and security as Conditional Access policies.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your organization has a requirement to implement multi-factor authentication (MFA) for all users accessing sensitive resources in Azure AD. You need to ensure that MFA is enforced consistently and securely. What steps should you take to achieve this?
A
Enable MFA for all users in Azure AD and require them to set up their verification methods during sign-in.
B
Create a custom policy using the Microsoft Graph API to enforce MFA for all users accessing sensitive resources.
C
Use Conditional Access policies in Azure AD to require MFA for specific applications or resources based on user attributes or risk factors.
D
Manually enforce MFA for each user accessing sensitive resources through the Azure portal.