Microsoft 365 Administrator Expert MS-102 Practice Question
You have enabled Microsoft Entra ID Protection for all users in your organization. The security team has provided these requirements:
If a user's user risk is High, block access until an administrator resets the password.
If a user's user risk is Medium, force the user to change the password during sign-in.
You set the User risk policy threshold to High = Block access and Medium = Require password change. However, Medium-risk users are still blocked because they have not registered any authentication methods.
Which additional configuration will meet the requirements with the least administrative effort?
Change the User risk policy so that Medium risk allows access and requires multifactor authentication.
Enable the Microsoft Entra multifactor authentication registration policy for all users.
Modify the Sign-in risk policy so that Medium sign-in risk requires self-service password reset.
Create a Conditional Access policy that blocks access when Medium user risk is detected.
The User risk policy action Require password change depends on the self-service password reset (SSPR) flow. Users must already have registered authentication methods before they can reset their own password. Enabling the Microsoft Entra MFA registration policy prompts unregistered users to register security information (used by both MFA and SSPR) at their next sign-in. Once registration is complete, Medium-risk users can satisfy the policy by performing an SSPR-based password change instead of being blocked. Changing the User risk policy to require MFA, altering the Sign-in risk policy, or adding a Conditional Access policy would not meet the stated requirement of forcing a password change at Medium user risk.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Microsoft Entra ID Protection?
Open an interactive chat with Bash
What is the Entra MFA registration policy?
Open an interactive chat with Bash
How does the self-service password reset (SSPR) flow work?
Open an interactive chat with Bash
Microsoft 365 Administrator Expert MS-102
Implement and manage Microsoft Entra identity and access
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .