Exam AZ-104 All QuestionsBrowse all questions from this exam
Go to Exam
Question 7

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.

Your company's Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.

After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.

To achieve this, the Per Enabled User setting must be set for the usage model.

Solution: You reconfigure the existing usage model via the Azure CLI.

Does the solution meet the goal?

    Correct Answer: B

    The solution does not meet the goal. Once a Multi-Factor Authentication provider is created, its usage model cannot be changed from 'Per Authentication' to 'Per Enabled User.' To achieve the goal of ensuring new employees use Multi-Factor Authentication under the 'Per Enabled User' setting, a new MFA provider would need to be created and activated with the new settings. Reconfiguring the existing usage model via the Azure CLI is not possible for changing the usage model.

Discussion
rigonetOption: B

ANSWER: B - No You cannot change the usage model after creating the provider.

jackdryan

B is correct. You create a new Multi-Factor Authentication provider with a backup from the existing Multi-Factor Authentication provider data. You cannot change the usage model (per enabled user or per authentication) after an MFA provider is created.

MadboOption: B

the solution does not meet the goal because the question states that the "Per Enabled User" setting must be set for the usage model, but the solution mentioned only reconfiguring the existing usage model via the Azure CLI. It does not specify how to change the usage model to "Per Enabled User," which requires additional steps such as setting the user-based policy in Azure AD conditional access. Therefore, the correct answer is B: No, the solution does not meet the goal.

RanjitSingh1974

i have no idea

TheCultureOption: B

Aaaaaah! Same question, same answer! :^) "You can't change the usage model (per enabled user or per authentication) after an MFA provider is created." from https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-authprovider

dhivyamohanbabuOption: B

Option B is correct

jersonmartinezOption: B

https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-authprovider You can't change the usage model (per enabled user or per authentication) after an MFA provider is created.

jackill

I agree, the answer is “B. No”. But I’m not understanding why changing the billing model (https://learn.microsoft.com/en-us/azure/active-directory/authentication/multi-factor-authentication-faq#can-my-organization-switch-between-per-user-and-per-authentication-consumption-billing-models-at-any-time-) will allow the new employees make use of MFA and maintaining the “Per Authentication” model does not allow them to use MFA, as stated by the question.

Nico1973Option: B

Answer: B. No Explanation: The solution provided does not meet the goal of configuring the Per Enabled User setting for the new employees to use Multi-Factor Authentication. To achieve the desired outcome, the Per Enabled User setting should be configured directly for the new employees, not by reconfiguring the existing usage model via the Azure CLI.

mattpaulOption: B

The correct answer is now Get all questions from me contact me on <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="1c6c7d697032717d686874796b6f2d252b2c5c73696870737377327f7371">[email protected]</a>

tashakoriOption: B

No is right

mattpaulOption: B

Ans is No <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="304051455c1e5d5144445855474301090700705f45445c5f5f5b1e535f5d">[email protected]</a> for full set

_gio_Option: B

B agree with rigonet

leoiq91Option: B

B is correct

MetavessOption: B

A usage model can not be changed once a Multi Factor Authentication has been created.

Andre369Option: A

Yes, the provided solution meets the goal of configuring the usage model for Multi-Factor Authentication (MFA) for the new employees added to Azure Active Directory (Azure AD) after the acquisition. Using the Azure CLI, you can reconfigure the existing usage model from "Per Authentication" to "Per Enabled User" to enforce MFA for all new employees in Azure AD. This ensures that MFA is required for each user individually based on their account configuration, regardless of their location or authentication attempts.

lokii9980Option: A

Yes, the solution meets the goal of configuring Multi-Factor Authentication for the new employees added to Azure Active Directory (Azure AD). By reconfiguring the existing usage model via the Azure CLI and setting the Per Enabled User setting, the new employees will be required to use Multi-Factor Authentication. This ensures that the new employees' accounts are secured and protected by an extra layer of security beyond just a password.

allyQ

Does anyone proof-read these scenarios? ...

RufusinskiOption: B

B is correct.