Your company has a Microsoft 365 subscription that has multi-factor authentication configured for all users.
Users that connect to Microsoft 365 services report that they are prompted for multi-factor authentication multiple times a day.
You need to reduce the number of times the users are prompted for multi-factor authentication on their company-owned devices. Your solution must ensure that users are still prompted for MFA.
What should you do?
To reduce the number of times users are prompted for multi-factor authentication while still ensuring that MFA is enforced, you should enable the remember multi-factor authentication setting and verify each device as a trusted device. This setting allows users to bypass subsequent verifications for a specified number of days once they've successfully signed in to a device using MFA, thus enhancing usability by minimizing the frequency of MFA prompts.
According to the answer description given, both B and D satisfy the requirement of enabling the remember login for x number of days.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#remember-multi-factor-authentication
Correct Answer Should be B. The Link you gave is very clear
The difference being that D won't really make a difference.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#remember-multi-factor-authentication
Correct Answer Should be B. The Link you gave is very clear
If D won't really make a difference, then why did you say both B and D satisfy the requirement? Be consistent.
It just says company own devices, doesn't say what devices these are
It just says company own devices, doesn't say what devices these are
Correct Answer Should be B. The Link you gave is very clear
If D won't really make a difference, then why did you say both B and D satisfy the requirement? Be consistent.
It just says company own devices, doesn't say what devices these are
It just says company own devices, doesn't say what devices these are
Correct Answer Should be B. The Link you gave is very clear
In exam today
I would think D. B just verify but what does it actually accomplish? If you select D then you can configure your conditional access to bypass any domain joined devices or mark them as compliant to bypass.
B https://support.microsoft.com/en-us/account-billing/how-to-use-two-step-verification-with-your-microsoft-account-c7910146-672f-01e9-50a0-93b4585e7eb4 https://support.microsoft.com/en-us/account-billing/add-a-trusted-device-to-your-microsoft-account-fe3860c8-bc04-9770-e218-b4fd6b767f4b
B https://support.microsoft.com/en-us/account-billing/how-to-use-two-step-verification-with-your-microsoft-account-c7910146-672f-01e9-50a0-93b4585e7eb4 https://support.microsoft.com/en-us/account-billing/add-a-trusted-device-to-your-microsoft-account-fe3860c8-bc04-9770-e218-b4fd6b767f4b