A company deploys Microsoft Azure AD. You enable multi-factor authentication.
You need to inform users about the multi-factor authentication methods that they can use.
Which of the following methods is NOT a valid multi-factor authentication method in Microsoft 365?
Inserting a small card into a desktop computer and providing a PIN code is not a valid multi-factor authentication method in Microsoft 365. The valid methods include receiving an automated call on a desk phone or mobile phone, receiving an SMS text message, and using an authenticator app. While hardware tokens are an option, they typically generate a verification code rather than being inserted into a computer with a PIN code.
Hardware tokens are an MFA option. Phone option does not give you a verification code. Answer is A. https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#verification-methods
I totally agree with this answer
Incorrect: phone options DO get you a verification code and while hardware tokens *are* (a rare) option, they are not "insert a card in computer" type - they are response type hardware devices that perform similar to authenticator apps.
Correct Answer is B. Here's the proof: https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_password-mso_o365b/mfa-cant-add-office-phone-as-mfa-option-and-cant/0961d8c2-c2ce-4be8-903e-7422b2b03d85
It says'call to phone' It doesn't say what you should do upon receiving the call - enter # or PIN The options listed are; call to phone text message to phone Notification through mobile app Verification code from mobile app or hardware token Receive an automated call on the desk phone that includes a verification code
it says small card, not smart card.
A is incorrect. The office phone can be used, but it is a press # to verify method. There is no verification code given on voice authentication methods. B is likely a typo, because A is definitely wrong. https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-phone-options
I contacted Microsoft. The answer is B. The use of hardware tokens is currently in preview, but a hardware token users a generated OATH verification code.
B. Insert a small card into a desktop computer and provide a PIN code when prompted is not a valid multi-factor authentication method in Microsoft 365. Microsoft 365 offers several multi-factor authentication methods, including: A. Receive an automated call on the desk phone that includes a verification code B. Receive a call on a mobile phone and select the pound sign (#) when prompted C. Receive an SMS text message that includes a verification code D. Use a mobile app notification or verification code Inserting a small card into a desktop computer and providing a PIN code is not a valid multi-factor authentication method in Microsoft 365.
NO. You came up with the first point (A). There is no such thing in MS, show the source if you think otherwise!
The Answer A - Receive a verification code by phone call is not valid. It's not a feature available through the Azure MFA. https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings In addition, smart card usually do not display a pin code. Pin code are commonly used on OATH token (which are not connected to the laptop). So I hesitate between answer A and B.
its not smart card ..its small card in the question
The correct answer is B. They are looking for the one INCORRECT answer. You can receive a "text message" with a code but not to a desk phone. https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings
Apologies. The correct answer is A.
I would also say a because phone does not give you a verification code, you just have to press #
Should be C. Microsoft does support having a physical token that provides a PIN. Their calls do not have a 'press # when prompted' interaction, they only provide a Verification code.
I can confirm one of the ways is receiving a call and "press # to continue" because this is the way we manage access in our company
Is It should be A?
A is the answer...Desk Phone is the reason to reject this answer...Desk Phone can't be used for authentication...Because Desk Phone can be accessed by anyone...
Excellent point!
Correct B
With phone call verification during SSPR or Azure AD Multi-Factor Authentication, an automated voice call is made to the phone number registered by the user. To complete the sign-in process, the user is prompted to press # on their keypad. So need to press #. So option A is not the correct method
its B.
Currently listed authentication methods are shown below; Microsoft Authenticator app FIDO2 security key OATH hardware tokens (preview) OATH software tokens SMS Voice call https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
Answer:A No code with phone call. only asks to press #
I totally agree with this answer
Smart cards are a valid MFA option
No, they arent. Hardware tokens are an unusual option, but they thake the form of code generating devices, not "smart cards"
tokens dont work like that so per eleimination B is not a valid option
the deskphone said receive code meaning it says the code for you to put in. There is no such method of MFA of inserting a card let alone inserting anything to provide authentication
A is wrong for two reasons: - Desk phone is not a PERSONAL mobile phone; - In the phone call verification, to complete the sign-in process, the user is prompted to press # on their keypad; https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-phone-options
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-phone-options Answer is B
Users can also verify themselves using a mobile phone or office phone as secondary form of authentication used during Azure AD Multi-Factor Authentication or self-service password reset (SSPR).
I would have to go with 'B' here. whilst you can receive a 'Phone Call' with the verification code, you still can receive the code via a desk phone. - Its probably not recommended though, for the reasons as discussed in this forum.
small card is not smart card
The answer is B. The automatic servicedesk phone give you a verification code
Multi-factor authentication means something you don't know before entering a code. In this case the answer is B. Because you know the code before entering it.
To complete the sign-in process, the user is prompted to press # on their keypad and not a verification code
A is the answer. Authentication by phone call never provides any codes, it asks to press the # key only. It can be done on both, mobile and desk phone.
A pls we are just required to enter # on the right phone.
Answer here is A Call to phone Places an automated voice call. The user answers the call and presses # on the phone to authenticate. The phone number isn't synchronized to on-premises Active Directory.
Answer A, you don't get a pin code on the phone call. You just get an option to press #
With office phone call verification during SSPR or Microsoft Entra multifactor authentication, an automated voice call is made to the phone number registered by the user. To complete the sign-in process, the user is prompted to press # on their keypad. source: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-phone-options
There is no Call to phone PIN: Call to phone: Places an automated voice call. The user answers the call and presses # on the phone to authenticate. The phone number isn't synchronized to on-premises Active Directory. Source: https://learn.microsoft.com/en-us/entra/identity/authentication/howto-mfa-mfasettings#phone-call-settings
The method that is **NOT** a valid multi-factor authentication (MFA) method in Microsoft 365 is: **B. Insert a small card into a desktop computer and provide a PIN code when prompted.** This method refers to using a smart card, which is not one of the supported MFA methods in Microsoft 365. The valid MFA methods in Microsoft 365 include options like calls, SMS text messages, app notifications, and verification codes.
B is a valid method MFA. yubikey works like this
B is a token hardware. Is a MFA methos valid. A is the answer
In Microsoft 365, the valid multi-factor authentication (MFA) methods include: A. Receiving an automated call on the desk phone that includes a verification code. C. Receiving a call on a mobile phone and selecting the pound sign (#) when prompted. D. Receiving an SMS text message that includes a verification code. However, option B, "Insert a small card into a desktop computer and provide a PIN code when prompted," is not a valid MFA method in Microsoft 365. This method describes a smart card authentication, which is not part of the standard MFA options provided by Microsoft 365.
The correct answer is: B. Insert a small card into a desktop computer and provide a PIN code when prompted Explanation: This is not a valid multi-factor authentication (MFA) method in Microsoft 365 / Azure AD. While smart cards (physical cards with certificates) can be used for authentication in some enterprise environments, the described method (inserting a card into a desktop computer and entering a PIN) is not one of the standard Azure AD MFA methods. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
The multi-factor authentication method that is NOT a valid method in Microsoft 365 among the options provided is: A. Receive an automated call on the desk phone that includes a verification code Here's why: B. Insert a small card into a desktop computer and provide a PIN code when prompted: This describes using a smart card, which is a valid MFA method in Microsoft 365. C. Receive a call on a mobile phone and select the pound sign (#) when prompted: This describes phone call authentication, where the user confirms their sign-in by pressing a key on their phone, which is a valid MFA method. D. Receive an SMS text message that includes a verification code: This describes SMS-based authentication, which is a common and valid MFA method in Microsoft 365.