You are the administrator of the ACME banking group. You are responsible for security events regarding identities in Azure. You need to ensure that when users sign into Azure remotely from countries that ACME does not conduct business there are additional security measures taken automatically. For example, they need to use MFA to complete their login. Which technology should you implement to accomplish this goal?
Identity Protection is correct, as it will assess and assign a risk level to each sign in. When a user signs in from another country that is out of the ordinary it can be configured to automatically challenge that sign in with a second authentication method by Multi-Factor Authentication. Azure Security Center is incorrect as this will not enable you to configure sign-in risk policies, ASC focuses more on identities that are related to Azure resource access. Privilege Identity management will not suffice as this enables users to activate additional roles in their identity. will not suffice as this is based on MFA by itself will not suffice as you there are limited options, either enabled, enforced or disabled and also no automatic intelligence associated with it.