Exam-Answer

Home / Microsoft / AZ-300 / Question 213

Prev Question
Next Question

Question 213

You are the administrator of the ACME banking group. You are responsible for security events regarding identities in Azure. You are tasked to secure all guest user identities by only allowing logging in via Windows and blocking sign-ins from Android and iOS. When logging in the guest users must also use MFA by default. Which technology should you implement to accomplish this goal?

Answers


Advertisement

Explanation (click to expand)

Conditional Access is correct, as this allows rules to be created that specifies specific criteria when signing in which can then grant access, request additional authentication or even decline the request when logging in from a platform that is denied. Privilege Identity management will not suffice as this enables users to activate additional roles with their identity like Global Admin. MFA by itself will not suffice as there are limited options, either enabled, enforced or disabled and no automatic intelligence associated with it. Identity Protection will not suffice, as this is mainly associated with risky sign-ins and not blocking users from logging in via specific rule sets created.

References (click to expand)

Prev Question
Next Question

Load more