Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

You need to enforce multi-factor authentication (MFA) only when a set of Azure administrators access the Azure portal or perform management operations by using Azure PowerShell. Administrators should not be prompted for MFA when they sign in to other SaaS apps. You create an Azure AD group that contains the administrators. What should you configure to meet the requirement with the least administrative effort?

  • Enable Security Defaults for the Azure AD tenant.

  • Configure an Azure AD Identity Protection sign-in risk policy that requires MFA for medium and high risk sign-ins.

  • Enable per-user Azure AD Multi-Factor Authentication for each administrator account.

  • Create a Conditional Access policy that targets the administrator group and the Microsoft Azure Management cloud app and grants access only if MFA is satisfied.

Microsoft Azure Security Engineer Associate AZ-500
Secure identity and access
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot