HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant.
You need to create a conditional access policy that requires all users to use multi-factor authentication when they access the Azure portal.
Which three settings should you configure? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa
Users Condition Grant
WRONG, COnditions are not needed as an option. All you need to do is set the following: Users/Groups- picks what users you want Cloud Apps/Actions- chooses what app is being controlled Grant- allows you to choose MFA grant or deny.
right...
macco455 and the given answer are both right, MS just explained the case here -> https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa#configure-the-conditions-for-multi-factor-authentication
macco455 and the given answer are both right, MS just explained the case here -> https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa#configure-the-conditions-for-multi-factor-authentication
right...
macco455 and the given answer are both right, MS just explained the case here -> https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa#configure-the-conditions-for-multi-factor-authentication
macco455 and the given answer are both right, MS just explained the case here -> https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa#configure-the-conditions-for-multi-factor-authentication
the given answer is correct as you can check the link in the answer. users cloud grant
For anyone in doubt, the cloud option is the correct option because the question asks to " multi-factor authentication when they access the Azure portal", so, to do this, we need to select the Microsoft Azure Management App, so the policy applies to sign-in events to the Azure portal.
Correct
Correct
Answer is correct. Documentation is clear: https://docs.microsoft.com/en-gb/azure/active-directory/authentication/tutorial-enable-azure-mfa MFA is set up in Grant. Conditions is related to Location, Device platform... and does nothing to do in this question
I agree wit you
Hmmm I'm not sure - if you follow the link in the answer: https://docs.microsoft.com/en-gb/azure/active-directory/authentication/tutorial-enable-azure-mfa ...the conditions appear to be setup in the Cloud apps section: For this tutorial, configure the Conditional Access policy to require MFA when a user signs in to the Azure portal. Select Cloud apps or actions. You can choose to apply the Conditional Access policy to All cloud apps or Select apps. To provide flexibility, you can also exclude certain apps from the policy. For this tutorial, on the Include page, choose the Select apps radio button. Choose Select, then browse the list of available sign-in events that can be used. For this tutorial, choose Microsoft Azure Management so the policy applies to sign-in events to the Azure portal. To apply the select apps, choose Select, then Done.
Yes, the answer is Users, conditions and grant Check here https://www.itexams.com/exam/AZ-102
Given answer is different from this question - https://www.examtopics.com/exams/microsoft/az-102/view/15/ I think correct answer is: Users Condition Grant
Nope! You need to select Users (who this apply to: ALL), Cloud Apps (where would they have access: Microsoft Azure Management a.k.a Portal), Action (what the policy do: Grant or deny access. At this stage you get option to choose Grant with MFA). This policy gets applied to all users with no exceptions hence Conditions are not required at all.
excellent point - the question refers to ALL users
excellent point - the question refers to ALL users
yes i agree with you but how they give that answer we will check document
The answer is right. For the Azure Portal you have to choose Microsoft Azure Management Cloud App. See here: https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa
in portal ther is condition is noththere so in portal cloud apps/user actions were there so they give correrct answer but add this actions in that option is fine
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-risk-policies https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy
Users Condition Grant
Correct Answer 1) Users and Groups 2) Cloud Apps or Actions 3) Grant https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa