Examice

Exam SC-300 All QuestionsBrowse all questions from this exam

Question 81

Your company has a Microsoft 365 tenant.

The company has a call center that contains 300 users. In the call center, the users share desktop computers and might use a different computer every day. The call center computers are NOT configured for biometric identification.

The users are prohibited from having a mobile phone in the call center.

You need to require multi-factor authentication (MFA) for the call center users when they access Microsoft 365 services.

What should you include in the solution?

a named network location

the Microsoft Authenticator app

Windows Hello for Business authentication

FIDO2 tokens

Correct Answer: D

Given that the call center users share desktop computers, which are not configured for biometric identification, and mobile phones are prohibited, configuring multi-factor authentication must bypass the need for both biometrics and mobile devices. Options like using a named network location would not provide adequate security since it does not fulfill the requirements for MFA. The Microsoft Authenticator app is not viable as mobile phones are not allowed. Windows Hello for Business requires either biometric identification or PIN, and since these users switch computers daily, storing such data locally is impractical. FIDO2 tokens are hardware-based authentication devices that provide a viable, secure, and portable solution for multi-factor authentication without the need for biometrics or mobile phones, making them the most suitable option.

Discussion

Ed2learnOption: D

ignoring the terrible working conditions, terribly configured network (or you would just set MFA and CA to ignore that network segment), and obviously micromanaging bosses - the given answer is correct.

omnomsnom

It's actually quite common for mobiles to not be allowed in some call centres that handle sensitive data or process card holder data. Exempting the network from MFA goes against zero-trust model. FIDO keys are the best solution.

BeitranOption: D

The only logical option.

ali_pinOption: D

A. a named network location - not an MFA option B. the Microsoft Authenticator app - no mobile phones allowed C. Windows Hello for Business authentication - no biometrical options in the office and the data is stored in the local device - they switch PCs every day so D. FIDO2 key

bleedingingOption: D

D. This one is clever. Windows hello for Business would require each user to scan their faces for each computer. It wouldn't be a viable solution. it'd have to be Fido2 instead.

Nivos23Option: D

Correct Answer is D

AquinteroOption: D

D. Fichas FIDO2

[Removed]Option: D

Ali_Pin explained correctly. FIDO2 is the correct answer.

Yelad

On the exam - March 28, 2022

EmnCoursOption: D

Correct Answer: D

dule27Option: D

D. FIDO2 tokens

ShoaibPKDXBOption: D

Correct D

HalwagyOption: D

The FiDO2 token

sapien45Option: D

Users can use passwordless credentials to access resources in tenants where they are a guest, but they may still be required to perform MFA in that resource tenant Fido2 is a MFAer

jasongaOption: D

windows hello for business can also use a PIN instead of biometrics so both it and fido are viable but I think fido is better don't like the question as either could be user

ZauberSRS

No, Windows Hello Pin is store locally, they may change computer every day it says

janshalOption: C

The call center computers are NOT configured for biometric identification Answer- C

PanBrownOption: D

FIDO2 key is the only option in this situation.

Jun143

just pass the exam today. This came in the question.