Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that contains a group named Group1.
You need to enable multi-factor authentication (MFA) for the users in Group1 only.
Solution: From Multi-Factor Authentication, you select Bulk update, and you provide a CSV file that contains the members of Group1.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
We should use a Conditional Access policy.
Note: There are two ways to secure user sign-in events by requiring multi-factor authentication in Azure AD. The first, and preferred, option is to set up a
Conditional Access policy that requires multi-factor authentication under certain conditions. The second option is to enable each user for Azure Multi-Factor
Authentication. When users are enabled individually, they perform multi-factor authentication each time they sign in (with some exceptions, such as when they sign in from trusted IP addresses or when the remembered devices feature is turned on).
Enabling Azure Multi-Factor Authentication using Conditional Access policies is the recommended approach. Changing user states is no longer recommended unless your licenses don't include Conditional Access as it requires users to perform MFA every time they sign in.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstatesThe proposed solution of enabling MFA for the users in Group1 by selecting the Bulk update option and providing a CSV file that contains the members of Group1 does meet the stated goal.
Enabling MFA for users adds an additional layer of security to their sign-in process, requiring them to provide an extra form of authentication, such as a phone call, text message, or mobile app notification, in addition to their username and password. This helps to prevent unauthorized access to the users' accounts, even if their passwords are compromised.
To enable MFA for a group of users in Azure AD, the administrator can use the Bulk update option in the Multi-Factor Authentication settings. This option allows the administrator to upload a CSV file that contains a list of users for whom MFA should be enabled.
In this scenario, the goal is to enable MFA for the users in Group1 only. Therefore, the proposed solution of using the Bulk update option and providing a CSV file that contains the members of Group1 is appropriate and meets the stated goal.
It should be noted that there might be alternative solutions that can also meet the stated goal. For example, the administrator could use conditional access policies to require MFA for users in Group1, or they could enable MFA for individual users in Group1 through the Azure AD portal. However, the proposed solution of using the Bulk update option and providing a CSV file is a valid solution that meets the goal.