Exam AZ-305 topic 5 question 1 discussion

If it helps there seem to be only 3 case studies. All the others have the same case, but different questions Maybe the admins can merge this ? topic 5: Litware topic 6: Contoso topic 7: Fabrikam topic 8: Litware = topic 5 topic 9: Fabrikam = topic 7 topic 10: Contoso ltd = topic 6 topic 11: Fabrikam = topic 7 topic 12: Litware = topic 5 topic 13: Contoso ltd = topic 6 topic 14: Contoso ltd = topic 6 topic 15: Litware = topic 5 topic 16: Fabrikam = topic 7

Correct. appeared in exam, 10/14/2022. I passed with 946/1000 and there were only 1~2 new questions but others were all from AZ-305 dump.

CORRECT

Given Answer is correct

This Case study was in the Exam. I passed the exam today 17-09-2023 with a score of 906/1000. Four new questions.! The team is easier than AZ-104. A new question of hot spot related to FrontDoor and PIM, to drag the OWASP or Just-in Time. Another question related to subnets and DNS.

1. To register the users for Azure MFA, use: a. Azure AD identity Protection. Azure AD Identity Protection is a tool that allows organizations to discover, investigate, and remediate identity-based risks in their environment. It can help you manage the roll-out of Multi-Factor Authentication (MFA) registration by prompting users for registration during risk sign-in attempts. 2. To enforce Azure MFA authentication, configure: a. Grant control in capolicy1. Grant controls are used to enforce additional requirements that a user must meet before they are granted access. You can enforce Azure MFA by setting it as a requirement in the Grant control settings of Capolicy1.

The provided answer is correct. First box "Azure AD Identity Protection": https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy Second box "Grant control in capolicy1": 7. Under Access controls > Grant, select Grant access, Require multifactor authentication, and select Select. https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa#create-a-conditional-access-policy

appeared in exam 02/15/2023

the given ans is correct

I agree with both selections, the answer is correct to me

Given answer is correct, 'nuff said.

One can define AD Authentication Method Policy which enforces MFA. So, it could be Azure AD Authentication Method Policy and Grant Control. You could navigate to Access Method for the AD by Security-> Manage Section-> Authentication Methods

Identity Protection Grant control Identity protection can create MFA registration policies if you have AD Premium P2. (which is mentioned in the study) https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa

It's security defaults for MFA https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults

1: Azure AD Identity Protection 2: Grant control in capolicy1

First part does not make sens. Identity Protection has nothing to do with hybrid adjoined device or enforcing mfa to resource managers. It can provide risky policies or password protection.