Exam SC-300 All QuestionsBrowse all questions from this exam
Go to Exam
Question 91

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant.

All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.

Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

You need to block the users automatically when they report an MFA request that they did not initiate.

Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA).

Does this meet the goal?

    Correct Answer: B

    To automatically block users who report an MFA request they did not initiate, you need to configure the fraud alert settings in Azure Active Directory. This includes enabling fraud alerts and setting it to automatically block users who report fraud. Configuring the Block/unblock users settings alone would not automatically block users when they report an uninitiated MFA request.

Discussion
M0RK2000Option: A

go to MFA>settings>Fraud Alert>allow>autoblock>on>save

Panama469

Correct. Also requires going to Authentication Methods...Settings... Report suspicious activity. It's Microsoft managed by default but to be sure you would want that set to enabled.

shoutivOption: B

B - No It should be Azure Active Directory > Security > Multifactor authentication > Fraud alert -> Allow users to submit fraud alerts to On Pay attention to the words - you need to block the users AUTOMATICALLY Explanation from MS docs: FRAUD ALERT The fraud alert feature lets users report fraudulent attempts to access their resources. When an unknown and suspicious MFA prompt is received, users can report the fraud attempt by using the Microsoft Authenticator app or through their phone. The following fraud alert configuration options are available: - Automatically block users who report fraud. - Code to report fraud during initial greeting. BLOCK AND UNBLOCK USERS If a user's device is lost or stolen, you can block Azure AD Multi-Factor Authentication attempts for the associated account. Any Azure AD Multi-Factor Authentication attempts for blocked users are automatically denied. Users remain blocked for 90 days from the time that they're blocked.

zmlapq99Option: A

On exam few days ago.

6c769e7Option: A

A is the correct answer, I was able to connect with the authenticator app without wifi

EmnCoursOption: B

You need to enable "Report suspicious activity". To enable Report suspicious activity from the Authentication Methods Settings: 1- In the Azure portal, click Azure Active Directory > Security > Authentication Methods > Settings. 2- Set Report suspicious activity to Enabled. 3- Select All users or a specific group.

hellawaits111

This is incorrect. Documentation states "Reporting suspicious activity will set the user's risk to high. If the user is subject to risk-based Conditional Access policies, they MAY be blocked." It is the Fraud Alert configuration that is required.

dule27Option: B

B. No is the correct answer

[Removed]Option: B

Fraud Settings need to be configured, meaning this solution does not meet the goal.

JoshuauuOption: A

Is the given answer correct or incorrect? I would think the answer is A

Zubairr13Option: B

On the exam, 7/23/2022.

YeladOption: A

On the exam - March 28, 2022

TonytheTigerOption: A

On the exam today - March 4, 2022

PravdaOption: B

On the exam 1/20/2022

KB10Option: A

Should be Yes refferenced to https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#block-and-unblock-users with Fraud alert

KB10

Sorry my fault, answer is right