Microsoft Azure Fundamentals AZ-900 Practice Question
Contoso wants to strengthen sign-in security for Microsoft Entra ID. The security team requires that users complete multi-factor authentication (MFA) only when they sign in from outside the corporate network or from devices that are not marked as compliant in Microsoft Intune. When users sign in from a compliant device on a trusted network, they should only need their password. Which Microsoft Entra capability should the administrator configure to meet this requirement?
Azure Policy
Microsoft Entra Conditional Access
Azure Network Security Groups (NSGs)
Microsoft Entra Privileged Identity Management (PIM)
Microsoft Entra Conditional Access lets administrators build policies that evaluate signals such as network location and device compliance, then apply controls like MFA when those conditions are met. Alternatives like Azure Policy, Network Security Groups, or Privileged Identity Management do not evaluate sign-in conditions or dynamically require MFA.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Multi-Factor Authentication (MFA)?
Open an interactive chat with Bash
What are Conditional Access policies?
Open an interactive chat with Bash
How does Microsoft Entra integrate with security in an organization?
Open an interactive chat with Bash
Microsoft Azure Fundamentals AZ-900
Azure Architecture and Services
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access