Exam MS-900 topic 1 question 185 discussion

Hardware tokens are an MFA option. Phone option does not give you a verification code. Answer is A. https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#verification-methods

Correct Answer is B. Here's the proof: https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_password-mso_o365b/mfa-cant-add-office-phone-as-mfa-option-and-cant/0961d8c2-c2ce-4be8-903e-7422b2b03d85

The multi-factor authentication method that is NOT a valid method in Microsoft 365 among the options provided is: A. Receive an automated call on the desk phone that includes a verification code Here's why: B. Insert a small card into a desktop computer and provide a PIN code when prompted: This describes using a smart card, which is a valid MFA method in Microsoft 365. C. Receive a call on a mobile phone and select the pound sign (#) when prompted: This describes phone call authentication, where the user confirms their sign-in by pressing a key on their phone, which is a valid MFA method. D. Receive an SMS text message that includes a verification code: This describes SMS-based authentication, which is a common and valid MFA method in Microsoft 365.

The correct answer is: B. Insert a small card into a desktop computer and provide a PIN code when prompted Explanation: This is not a valid multi-factor authentication (MFA) method in Microsoft 365 / Azure AD. While smart cards (physical cards with certificates) can be used for authentication in some enterprise environments, the described method (inserting a card into a desktop computer and entering a PIN) is not one of the standard Azure AD MFA methods. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods

In Microsoft 365, the valid multi-factor authentication (MFA) methods include: A. Receiving an automated call on the desk phone that includes a verification code. C. Receiving a call on a mobile phone and selecting the pound sign (#) when prompted. D. Receiving an SMS text message that includes a verification code. However, option B, "Insert a small card into a desktop computer and provide a PIN code when prompted," is not a valid MFA method in Microsoft 365. This method describes a smart card authentication, which is not part of the standard MFA options provided by Microsoft 365.

B is a token hardware. Is a MFA methos valid. A is the answer

B is a valid method MFA. yubikey works like this

The method that is **NOT** a valid multi-factor authentication (MFA) method in Microsoft 365 is: **B. Insert a small card into a desktop computer and provide a PIN code when prompted.** This method refers to using a smart card, which is not one of the supported MFA methods in Microsoft 365. The valid MFA methods in Microsoft 365 include options like calls, SMS text messages, app notifications, and verification codes.

tokens dont work like that so per eleimination B is not a valid option

There is no Call to phone PIN: Call to phone: Places an automated voice call. The user answers the call and presses # on the phone to authenticate. The phone number isn't synchronized to on-premises Active Directory. Source: https://learn.microsoft.com/en-us/entra/identity/authentication/howto-mfa-mfasettings#phone-call-settings

With office phone call verification during SSPR or Microsoft Entra multifactor authentication, an automated voice call is made to the phone number registered by the user. To complete the sign-in process, the user is prompted to press # on their keypad. source: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-phone-options

Smart cards are a valid MFA option

Answer A, you don't get a pin code on the phone call. You just get an option to press #

Answer here is A Call to phone Places an automated voice call. The user answers the call and presses # on the phone to authenticate. The phone number isn't synchronized to on-premises Active Directory.

I totally agree with this answer

B. Insert a small card into a desktop computer and provide a PIN code when prompted is not a valid multi-factor authentication method in Microsoft 365. Microsoft 365 offers several multi-factor authentication methods, including: A. Receive an automated call on the desk phone that includes a verification code B. Receive a call on a mobile phone and select the pound sign (#) when prompted C. Receive an SMS text message that includes a verification code D. Use a mobile app notification or verification code Inserting a small card into a desktop computer and providing a PIN code is not a valid multi-factor authentication method in Microsoft 365.

I would also say a because phone does not give you a verification code, you just have to press #