Microsoft 365 Fundamentals MS-900 Practice Question

Conditional Access Policies enable organizations to enforce access controls based on defined conditions like location, device compliance, or sign-in risk. By implementing Conditional Access, the organization can require additional verification steps, such as multi-factor authentication (MFA), only when users sign in under certain conditions (e.g., from outside trusted locations or on unmanaged devices). This approach strengthens security without imposing extra steps on all sign-ins.

Enabling Multi-factor Authentication universally would require users to complete MFA at every sign-in, regardless of context, which might be inconvenient for users on secured networks. Self-Service Password Reset allows users to reset their passwords without administrator assistance but doesn't adjust sign-in requirements based on conditions. Role-Based Access Control manages access permissions based on user roles but doesn't modify authentication processes based on sign-in scenarios.