Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated goals.
Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it.
As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not initiate.
Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA)
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B.
You need to configure the fraud alert settings.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettingsThe proposed solution to block users automatically when they report an MFA request that they did not initiate by configuring the Block/unblock users settings for MFA from the Azure portal is not a valid solution.
The "Block/unblock users" feature in MFA is used to block or unblock individual users from using MFA. This setting does not automatically block users when they report an MFA request that they did not initiate. Therefore, this solution does not meet the stated goal.
To address the issue of users receiving unexpected MFA prompts, you can perform the following steps:
Review the MFA service usage logs in Azure AD to determine the cause of the issue. The logs will show the user's IP address, device type, and browser information, which can help identify any unusual activity.
If the logs reveal that the user's account has been compromised, immediately block the user's account and initiate the necessary remediation steps.
Review the MFA authentication methods for the affected users and ensure that they are using the latest version of the Microsoft Authenticator app.
Check if the user has any active sessions that could be causing the unexpected MFA prompt. If yes, terminate those sessions and instruct the user to sign out from all devices.
Enable conditional access policies that require MFA for risky sign-ins. This can help prevent unauthorized access to the user's account.
In summary, the proposed solution of using the "Block/unblock users" feature for MFA does not address the issue of users receiving unexpected MFA prompts. Instead, a thorough investigation into the issue must be conducted, and appropriate actions taken based on the findings.