You have an Azure Active Directory (Azure AD) tenant and Windows 10 devices. You configure a conditional access policy as shown in the exhibit. (Click the Exhibit tab.) What is the result of the policy?
A.
All users will always be prompted for multi-factor authentication (MFA).
B.
Users will be prompted for multi-factor authentication (MFA) only when they sign in from devices that are NOT joined to Azure AD.
C.
All users will be able to sign in without using multi-factor authentication (MFA).
D.
Users will be prompted for multi-factor authentication (MFA) only when they sign in from devices that are joined to Azure AD.
Correct Answer:C
Explanation:
In this scenario, the enable policy is set to Off in the image. So, this policy will have no impact.
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
The policy is set to off, so the policy is effective.
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa
...
9. Confirm your settings and set Enable policy to On
...
The 'Report only' is just one of the three options by enable policy.
https://youtu.be/NZbPYfhb5Kc
The Enable Policy hast 3 states:
1) Report-Only
2) On
3) Off
In this case, it is OFF, so correct answer is C
Look under the "Configure a Conditional Access policy in report-only mode" header in the Tips box. Can't be clearer than that
Also, you can test yourself, and click on one of the 3 states mentioned yourelf
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-insights-reporting#configure-a-conditional-access-policy-in-report-only-mode
I think I need to clarify my answer. This seems to be an existing Policy. Why? The Save button is not enabled. This means, that the current info on the screen is current status of the Policy. If the Enable Policy button had been "On", then the Answer B would be correct, because you would get a MFA Prompt OR validated if you are on a Hybrid Azure AD joined device since the "Require one of the selected controls" is selected. Note the questions state "Users WILL be".
I agree with C being the correct answer if the policy is SAVED with the Enable Policy is kept OFF..., BUT depending on how the question is interpreted, correct answer could still be B. Because if the question is just meant to ask: What is the result of the policy WHEN APPLIED (meaning enabled), then the answer is B.
You need to know that MFA is enable by default since Oct 2019. So its not just dependent on this policy https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults
So even if the policy is not enabled MFA is still active by virtue of security defaults and its enforced. So the given answer is correct.
Section "Enable policy" is a subdivision to "MFA policy", parallel to "Assignments" and "Access control". Hence only Grant plays the role to this question.
Answer should be C:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa
After confirming your settings using report-only mode, an administrator can move the Enable policy toggle from Report-only to On.
This section is not available anymore. Please use the main Exam Page.AZ-304 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ruckii
Highly Voted 4 years, 4 months agoTEMPKAKAM
4 years, 3 months agoandyR
4 years, 4 months agosanketshah
4 years, 3 months agoquyennv
4 years, 4 months ago3nteng
4 years, 1 month agoKrsto
4 years, 1 month agoChris_MG
3 years, 3 months agoTable2022
3 years, 10 months agojugha
4 years agozuzu_toggler
3 years, 7 months agoRichard_M
3 years, 1 month agoRichard_M
3 years, 1 month agoeloylb
Highly Voted 4 years, 4 months ago3nteng
4 years, 1 month agoITStudies
4 years, 1 month agojellybiscuit
Most Recent 2 years, 7 months agopingpongset
2 years, 8 months agokanchanar05
3 years agomabwwdb
3 years, 1 month ago410ns0
2 years, 9 months agoTote
3 years, 2 months agoAJ1313
3 years, 3 months agoixl2pass
3 years, 3 months agoSanjSL
3 years, 3 months agoSst121
3 years, 4 months agomtk93
3 years, 4 months agoEitant
3 years, 4 months agoexamineezer
3 years, 4 months agoraud
3 years, 4 months agoMikhail1989
3 years, 5 months agosaninjesse
3 years, 5 months ago