ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 2 question 33 discussion

Actual exam question from Microsoft's AZ-500
Question #: 33
Topic #: 2
[All AZ-500 Questions]

HOTSPOT -
You work at a company named Contoso, Ltd. that has the offices shown in the following table.

Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com. All contoso.com users have Azure Multi-Factor Authentication (MFA) enabled. The tenant contains the users shown in the following table.

The multi-factor authentication settings for contoso.com are configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
by RameshSesetti at March 11, 2021, 7:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
RameshSesetti
Highly Voted 4 years ago
Answer is : No-No-Yes.
upvoted 205 times
Narragr
4 years ago
Why the option trusted ip is not checked
upvoted 5 times
xaccan
4 years ago
Check box is not for trusted ip, it is for federated users
upvoted 28 times
Jimmy500
1 year, 3 months ago
There i can not see federated users
upvoted 1 times
...
...
...
LJack
4 years ago
Agree should be no, no, yes
upvoted 22 times
...
Sethoo
4 years ago
Agree with your answer. The user from Boston (guestion 2)will not be asked for MFA because at present , the IP address from Boston is excluded from MFA requirements
upvoted 18 times
DarkCyberGhost
3 years, 1 month ago
But the Checkbox is blank so that function has not been enabled. therefore they will be asked for MFA as the Ip Range is not being excluded.
upvoted 6 times
khengoolman
3 years, 1 month ago
Please read the function, it has nothing to do with the IP whitelist. N N Y is correct
upvoted 6 times
...
...
...
rockyykrish
3 years, 6 months ago
No-Yes-Yes. The second answer will be yes. Skip multifactor authentication for trusted locations is not enabled.
upvoted 23 times
rawrkadia
3 years, 6 months ago
That checkbox is to skip MFA for federated intranet locations, simply having IPs or Ranges in the text box for trusted IPs turns it on.
upvoted 32 times
Vikku30
3 years, 2 months ago
Then why do they have the check box, I guess we need to check the check-box, is it not the case?
upvoted 3 times
domtopics
2 years, 5 months ago
Check box is for when users hit the internal interface of AD FS and receive a token, regardless of public IP address they go to Azure with. IP list is for public IP address they go to Azure with, regardless of how they authenticate.
upvoted 8 times
...
...
...
...
Load full discussion...
...
Pinto
Highly Voted 3 years, 12 months ago
Box1: No. because user1 had already signed in from device1 and had selected the 14 day period hence, won't be asked for MFA. Box2: No because Boston IP range is trusted. Box3: Yes because new device and Seattle IP is not trusted.
upvoted 76 times
...
SofiaLorean
Most Recent 4 days, 1 hour ago
No, No, Yes
upvoted 1 times
...
pentium75
7 months, 2 weeks ago
No-No-Yes.
upvoted 2 times
...
Obama_boy
1 year, 3 months ago
in exam 08/12/23
upvoted 2 times
...
wardy1983
1 year, 3 months ago
Box1: No. because user1 had already signed in from device1 and had selected the 14 day period hence, won't be asked for MFA. Box2: No because Boston IP range is trusted. Box3: Yes because new device and Seattle IP is not trusted.
upvoted 5 times
Kiano
11 months, 1 week ago
This is exactly what Pinto said. Why comment when you have no additional information?
upvoted 1 times
...
...
TheProfessor
1 year, 5 months ago
NNY is the answer. Boston's IPs are trusted.
upvoted 2 times
...
ArchitectX
1 year, 6 months ago
No-No-Yes
upvoted 3 times
...
heatfan900
1 year, 6 months ago
N = USER 1 CHECKED THE 'DON NOT ASK ME FOR 14 DAYS' CHECKBOX N = USER 2 IS SIGNING IN FROM A TRUSTED LOCATION WHICH BYPASSES MFA Y = USER 1 SIGNING IN AFTER THE 14 DAYS FROM A UNTRUSTED LOCATION.
upvoted 4 times
xRiot007
8 months ago
Wrong. It's Yes because user is signing in using a new device, not from an untrusted location.
upvoted 1 times
xRiot007
8 months ago
Ignore first reply. Unstrusted location seems to be medium.
upvoted 1 times
...
...
...
ESAJRR
1 year, 8 months ago
No-Yes-Yes. The second answer will be yes. Skip multifactor authentication for trusted locations is not enabled.
upvoted 2 times
...
zellck
1 year, 10 months ago
NNY is the answer. https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips The trusted IPs feature of Azure AD Multi-Factor Authentication bypasses multi-factor authentication prompts for users who sign in from a defined IP address range. You can set trusted IP ranges for your on-premises environments. When users are in one of these locations, there's no Azure AD Multi-Factor Authentication prompt. The trusted IPs feature requires Azure AD Premium P1 edition.
upvoted 1 times
Jimmy500
1 year, 3 months ago
Check box is not picked for second one
upvoted 1 times
...
zellck
1 year, 10 months ago
https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#remember-multi-factor-authentication The remember multi-factor authentication feature lets users bypass subsequent verifications for a specified number of days, after they've successfully signed in to a device by using MFA. To enhance usability and minimize the number of times a user has to perform MFA on a given device, select a duration of 90 days or more.
upvoted 1 times
...
...
Gesbie
1 year, 11 months ago
In Exam April 11, 2023
upvoted 6 times
...
pekay
1 year, 11 months ago
the answer is no no yes
upvoted 2 times
...
r_git
1 year, 12 months ago
No = User1 on Device1 selected Don't ask again for 14 days on June 1. No = User2 on Device2 signs in from the Boston office IP address subnet 180.15.10.0/24 which is added in trusted ips textbox https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips Yes = User1 signs in to a new device which triggers MFA since it is a new sign in from a new device. The previous 14 days selection was tied to session on Device1
upvoted 1 times
...
majstor86
2 years ago
NO NO YES
upvoted 2 times
...
fonte
2 years, 2 months ago
Hi all, Passed my exam (13JAN2023) with 918. 50 questions (45 + 5 of a case study). Around 95% of the questions are here. I've compiled the questions and my answers in a ppt, feel free to check it out and hope it helps. https://www.dropbox.com/s/ay00xp2fnloq1ex/AZ%20500%20-%20Exam%20Topics.pptx?dl=0 Use pass az500prep to open the file. Thanks to all the people that comment on questions, I wouldn't have passed without them :)
upvoted 3 times
Tweety1972
1 year, 10 months ago
Doesn't work
upvoted 1 times
...
...
josh_josh
2 years, 2 months ago
The trusted IPs feature of Azure AD Multi-Factor Authentication bypasses multi-factor authentication prompts for users who sign in from a defined IP address range. You can set trusted IP ranges for your on-premises environments. When users are in one of these locations, there's no Azure AD Multi-Factor Authentication prompt.
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago