exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam

Exam AZ-305 topic 4 question 32 discussion

Actual exam question from Microsoft's AZ-305
Question #: 32
Topic #: 4
[All AZ-305 Questions]

You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.
Your company has a line-of-business (LOB) application that was developed internally.
You need to implement SAML single sign-on (SSO) and enforce multi-factor authentication (MFA) when users attempt to access the application from an unknown location.
Which two features should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Azure AD Privileged Identity Management (PIM)
  • B. Azure Application Gateway
  • C. Azure AD enterprise applications
  • D. Azure AD Identity Protection
  • E. Conditional Access policies
Show Suggested Answer Hide Answer
Suggested Answer: CE 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
bootless
Highly Voted 2 years, 3 months ago
Selected Answer: CE
Given answer is WRONG. Correct ist Azure AD enterprise applications and Conditional Access Enterprise App for SSO Conditional Access for MFA
upvoted 90 times
icklenutter
2 years, 3 months ago
Agree, Should be CE
upvoted 13 times
ServerBrain
1 year, 11 months ago
I can't agree with you more..
upvoted 4 times
dc4c4dc
5 months, 4 weeks ago
I can agree with you more...
upvoted 3 times
...
...
...
...
DeeSeeEss
Highly Voted 1 year, 9 months ago
Moderator, it's been 5 months with the incorrect answer and reasoning posted. Can we please get this updated for ease of use? The correct answer is obviously C,E.
upvoted 25 times
...
Thanveer
Most Recent 1 week ago
Selected Answer: CE
Agree with C,E
upvoted 1 times
...
SeMo0o0o0o
3 weeks ago
Selected Answer: CE
C & E are correct
upvoted 1 times
...
Lazylinux
7 months, 2 weeks ago
Selected Answer: CE
Agree with CE for any SSO use Enterprise App Conditional Access for MFA as it is option to configure in there
upvoted 2 times
...
ahmedkmj
8 months, 3 weeks ago
Selected Answer: CE
10000% CE
upvoted 2 times
...
dejedi
8 months, 4 weeks ago
Selected Answer: CE
I Agree with C / E
upvoted 1 times
...
SDiwan
9 months, 2 weeks ago
Selected Answer: CE
Create an enterprise app in Azure AD for SSO Conditional access for MFA
upvoted 1 times
...
Som_triv
1 year, 2 months ago
Enforce multi-factor authentication (MFA) - This can be done either by using the Identity Protection - using signed-in risk action or using the Conditional Access Policy (CAP). The only difference is that CAP needs to be applied per application and Identity Protection is for the overall user login to any of your Enterprise applications. As the problem in hand talk about a specific Application, CAP may be more appropriate answer. C and E are correct.
upvoted 3 times
josola
2 months, 2 weeks ago
The answers are correct but the reasoning of AIP (Azure Identity Protection) are not accurate. Yes, AIP provides the signals (i.e. high risk sign-in, risky user, etc.) BUT AIP doesn't allow configuration of MFA or enforcing. That's only Conditional Access.
upvoted 1 times
...
...
daniloaclima
1 year, 5 months ago
Selected Answer: CE
"C" and "E" is correct!
upvoted 1 times
...
NotMeAnyWay
1 year, 7 months ago
Selected Answer: CE
C. Azure AD enterprise applications E. Conditional Access policies C. Azure AD enterprise applications: You need to configure the LOB application as an enterprise application in Azure AD. This will allow you to configure SAML-based SSO for the application, enabling users to sign in using their Azure AD credentials. E. Conditional Access policies: You can create a Conditional Access policy in Azure AD to enforce MFA when users attempt to access the application from an unknown location. Conditional Access policies allow you to set specific conditions, such as location or device state, and apply security requirements, like MFA, when those conditions are met.
upvoted 5 times
...
JohnPhan
1 year, 8 months ago
Selected Answer: CE
Answer : C&E
upvoted 1 times
...
curtmcgirt
1 year, 8 months ago
Selected Answer: CE
Enterprise App for SSO Conditional Access for MFA
upvoted 1 times
...
omerco61
1 year, 9 months ago
Selected Answer: CE
Answer so clearly > Azure AD enterprise app - CAP
upvoted 1 times
...
VBK8579
1 year, 10 months ago
Selected Answer: CE
C. Azure AD enterprise applications E. Conditional Access policies
upvoted 1 times
...
OPT_001122
1 year, 10 months ago
Selected Answer: CE
C and E
upvoted 1 times
OPT_001122
1 year, 9 months ago
Remember the key words LOB SSO MFA
upvoted 1 times
...
...
albertoramos
1 year, 10 months ago
Selected Answer: CE
Given answer is WRONG.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago