Microsoft Azure Security Engineer Associate AZ-500 Practice Question
You need to ensure that every current and future member of all privileged Azure AD roles is prompted for multi-factor authentication (MFA) unless they sign in from a trusted named location. Which option should you choose in the Conditional Access policy's Assignments section so you do not have to maintain user or group lists manually?
Conditional Access lets you scope a policy to Azure AD privileged roles by selecting the Directory roles option under Users and groups. After you pick the relevant built-in roles-such as Global Administrator, Security Administrator, or Privileged Role Administrator-the policy automatically applies to anyone who is added to those roles in the future, eliminating the need to manage individual user or group assignments. Selecting All users would also affect non-privileged accounts, choosing Azure management scopes the policy to a specific application rather than a set of users, and configuring a High sign-in risk condition does not limit the policy to privileged roles.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Azure Directory roles, and why are they important in Conditional Access policies?
Open an interactive chat with Bash
What is the advantage of using Directory roles over manually assigning user or group lists in Conditional Access policies?
Open an interactive chat with Bash
What is a trusted named location, and how does it relate to multi-factor authentication (MFA) in Azure Conditional Access?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure identity and access
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .