You are the architect of the ACME banking group. You have been tasked to ensure all identities within the Azure tenant for ACME.com tenant is secured by multi-factor authentication. You notice there are the following baseline policies:
? Baseline policy: Require MFA for admins
? Baseline policy: Block legacy authentication
? Baseline policy: End-user protection
? Baseline policy: Require MFA for Service Management
You need to ensure MFA is prompted when authenticating to Azure PowerShell. Which of the following policies do you enable?
Baseline policy: Require MFA for Service Management is correct as this will require MFA for any user accessing the Azure portal, Azure PowerShell or Azure CLI. End-user protection is incorrect as this requires all users to register for MFA within 14 days. Block legacy authentication is incorrect as this is used to block legacy authentication methods like POP and IMAP. Require MFA for admins is incorrect as this forces the privileged accounts to make use of MFA.