Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Contoso wants to enforce multi-factor authentication (MFA) only when administrators manage Azure resources-not when they use other Microsoft 365 services. You are asked to create a single Conditional Access policy that meets these requirements. Which cloud app or action should you target in the policy so that MFA is required only when administrators sign in through the Azure portal, Azure PowerShell, Azure CLI, or the REST API?
To scope MFA strictly to Azure management operations, the Conditional Access policy must be applied to the built-in cloud app named Microsoft Azure Management. This cloud app represents every Azure Resource Manager endpoint: the Azure portal, Azure PowerShell, Azure CLI, REST API, and the mobile app. Because Microsoft 365 workloads such as Exchange Online or SharePoint Online are mapped to different cloud-app identifiers, they are not affected when the policy targets Microsoft Azure Management. Choosing All cloud apps or Office 365 would also include Microsoft 365 workloads, violating the requirement. Selecting a user action such as Register security information does not relate to Azure management sessions and would not enforce MFA for administration tasks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is Microsoft Azure Management selected instead of All cloud apps?
Open an interactive chat with Bash
What does Conditional Access do in Azure security?
Open an interactive chat with Bash
How does the Microsoft Azure Management cloud app map Azure endpoints?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure identity and access
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .