exam questions

Exam AZ-104 All Questions

View all questions & answers for the AZ-104 exam

Exam AZ-104 topic 1 question 2 discussion

Actual exam question from Microsoft's AZ-104
Question #: 2
Topic #: 1
[All AZ-104 Questions]

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the multi-factor authentication page to alter the user settings.
Does the solution meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
green_arrow
Highly Voted 3 years, 5 months ago
B is correct, 1- the best way to enforce MFA is by Conditional Access 2- the device has to be identified by azure AD as A AD joined Device. 3- the trusted ip must be configured.
upvoted 152 times
jackdryan
1 year, 9 months ago
B is correct. You access the Azure portal to alter the grant control of the Azure AD conditional access policy.
upvoted 10 times
...
...
BeauChateau
Highly Voted 1 year, 7 months ago
Selected Answer: B
No, the solution does not meet the goal. To implement the required conditional access policy, the following steps should be taken: Create a new Conditional Access policy in Azure AD portal. Set the policy to require Multi-Factor Authentication and Azure AD device registration. In the policy's "Users and Groups" section, specify the Global Administrators group as the target. In the policy's "Conditions" section, specify the locations that are considered untrusted. Save the policy. Simply accessing the multi-factor authentication page and altering user settings does not provide a comprehensive solution to meet the stated goal.
upvoted 51 times
...
jack0467166
Most Recent 10 hours, 32 minutes ago
Selected Answer: B
B is correct. You access the Azure portal to alter the grant control of the Azure AD conditional access policy. https://github.com/orgs/community/discussions/146738
upvoted 1 times
...
kiwwwyis
1 month, 2 weeks ago
B. No is the answer because to enable the MFA depending on the condition can only be enabled from the conditional access option. Not from MFA option
upvoted 1 times
...
IsaacRayan
1 month, 3 weeks ago
La bonne réponse c'est la A
upvoted 1 times
...
examprepboy
2 months, 3 weeks ago
Selected Answer: B
You set MFA by conditional access and use the grant option
upvoted 1 times
...
SeMo0o0o0o
3 months, 1 week ago
Selected Answer: B
B is correct
upvoted 1 times
SeMo0o0o0o
1 month, 1 week ago
You access the Azure portal to alter the grant control of the Azure AD conditional access policy.
upvoted 2 times
...
...
tsummey
5 months, 3 weeks ago
Selected Answer: B
This isn't a user setting; you need to create a conditional access policy: Under Assignments select the Global Admin Group Under Conditions set the location to any location and exclude all trusted locations Under Access Controls, grant access and check the options for require MFA and require the device to be marked as compliant.
upvoted 3 times
...
tashakori
8 months, 3 weeks ago
No is right
upvoted 1 times
...
Saurabh_Bhargav
10 months, 1 week ago
B. No is the answer because to enable the MFA depending on the condition can only be enabled from the conditional access option. Not from MFA option
upvoted 1 times
...
go4adil
10 months, 1 week ago
Correct Answer: B (No) In order to implement MFA and Azure AD-Joined device, you need to create a 'Conditional Access Policy'. To implement conditional access policy; Go to Microsoft Entra-->Protection-->Security Center-->Conditional Access Page. (Microsoft Entra Premium is required to implement Conditional Access policy) MFA page can't facilitate implementation of conditional access policy.
upvoted 8 times
...
_gio_
11 months ago
Selected Answer: B
answer is B
upvoted 1 times
...
79652e9
12 months ago
B is correct
upvoted 1 times
...
Minaru
1 year, 1 month ago
Correct answer is B. The solution does not meet the goal. While accessing the multi-factor authentication page allows you to configure multi-factor authentication for users, it does not specifically target the members of the Global Administrators group. To meet the goal of requiring Global Administrators to use Multi-Factor Authentication and an Azure AD-joined device when connecting from untrusted locations, you need to set up an Azure AD conditional access policy.
upvoted 9 times
...
alexel222
1 year, 3 months ago
Selected Answer: B
correcto
upvoted 1 times
...
fiahbone
1 year, 3 months ago
Selected Answer: B
The clue to the answer is in the question. You want to implement an Azure AD conditional access policy.
upvoted 2 times
...
pb7o61
1 year, 3 months ago
Selected Answer: B
Given the requirements, you need to set up an Azure AD conditional access policy that enforces both Multi-Factor Authentication (MFA) and the use of Azure AD-joined devices for members of the Global Administrators group when connecting from untrusted locations. The provided solution suggests accessing the multi-factor authentication page to alter user settings. This would allow you to enforce MFA, but it does not address the requirement for the use of Azure AD-joined devices when they connect from untrusted locations. Thus, the solution does not fully meet the goal. The answer is: B. No.
upvoted 9 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago