You have an Azure solution that uses Multi-Factor Authentication for added security when users are outside of the office. The usage model has been set to Per
Authentication.
Your company acquires another company and adds the new staff to Azure Active Directory (Azure AD). New staff members must use Multi-Factor Authentication.
You need to change the usage model to Per Enabled User.
What should you recommend?
Click on the arrows to vote for the correct answer
A. B. C. D.B
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
https://365lab.net/2015/04/11/switch-usage-model-in-azure-multi-factor-authentication-server/The scenario described in this question involves a requirement to change the Multi-Factor Authentication (MFA) usage model in an Azure solution from Per Authentication to Per Enabled User. This change is necessary because new staff members who have been added to Azure Active Directory (Azure AD) need to use MFA.
To make this change, the recommended solution is to use the Azure portal. Option C, "Use the Azure portal to change the current usage model," is the correct answer.
Here's why:
Multi-Factor Authentication is a feature of Azure AD that helps to protect access to data and applications. When MFA is enabled, users must provide two or more forms of authentication to verify their identity before they can access a resource. The usage model for MFA determines how it is charged to customers. The two options available are Per Authentication and Per Enabled User.
Per Authentication means that customers are charged each time a user authenticates with MFA. This usage model is suitable for scenarios where MFA is used infrequently, such as for occasional remote access to corporate resources.
Per Enabled User means that customers are charged for each user that is enabled for MFA, regardless of how many times they authenticate. This usage model is suitable for scenarios where MFA is used frequently, such as for users who work remotely or access sensitive data.
To change the MFA usage model in Azure, you need to access the Azure portal and navigate to the MFA settings for your Azure AD tenant. From there, you can select the appropriate usage model and apply the changes. This process is simple and can be completed without the need for additional tools or resources.
Option A, "Create a new Multi-Factor Authentication provider and reconfigure the usage model," is not the recommended solution because it involves creating a new MFA provider. This would be unnecessary and potentially complex, as it would require configuring new settings and migrating existing users to the new provider.
Option B, "Create a new Multi-Factor Authentication provider with a backup from the current Multi-Factor Authentication provider data," is also not the recommended solution. This option involves creating a new MFA provider and backing up data from the current provider. While backups are important for disaster recovery purposes, they are not necessary for changing the MFA usage model.
Option D, "Use Azure CLI to change the current usage model," is technically possible, but it is not the recommended solution. Using Azure CLI would require more technical knowledge and effort than using the Azure portal, which is a more user-friendly and accessible tool.