Exam MS-900 topic 1 question 252 discussion

All three statements are YES: The Microsoft Authenticator app can be used to sign in to various platforms or browsers by receiving a notification on a user's phone. The app provides an extra layer of security by requiring users to confirm their identity via their phone before accessing their accounts. Windows Hello is a biometric authentication feature built into Windows 10, which allows users to sign in to their devices using facial recognition or fingerprint matching. It is a convenient and secure way to authenticate without having to remember complex passwords. Fast Identity Online (FIDO) is an open authentication standard that enables users to sign in without using passwords by using hardware tokens, such as USB keys, or biometric factors, such as facial recognition or fingerprint matching. OAuth is a related standard that allows users to log in to third-party applications or services without sharing their passwords with those services. Together, FIDO and OAuth provide a secure and easy way to authenticate without relying on passwords.

i should get my money back .

In exam 08/30/24, I went with yes for all three. Regarding FIDO: "Users can register a passkey (FIDO2) and choose it as their primary sign-in method. With a hardware device that handles the authentication, the security of an account is increased as there's no password that can be exposed or guessed.....FIDO allows organizations to apply the WebAuthn standard by using an external security key, or a platform key built into a device, to sign in without a username or password." https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-passwordless

1st answer you authenticate with the app using a code - the business with the phone call is for setting up first time MFA - read again and don’t mix up the two

This should be Yes Yes Yes

First is NO I think, as for example from IE1.0 or Firefox 1.0 you won't be able to log in, so this closes out ALL browsers.

Yes, Yes and Yes - 1 and 3 details it on Microsoft's website. https://support.microsoft.com/en-us/account-billing/sign-in-to-your-accounts-using-the-microsoft-authenticator-app-582bdc07-4566-4c97-a7aa-56058122714c https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless

yes-yes-yes authenticator app allows you to log in on any platform ( cyberark example) windows hello provides authentication with fingerprint or facial recognition FIDO offers Hardware tokens for authentication: https://www.secsign.com/authentication-with-fido-2fa/

yes, yes, yes

1-Y Users can sign in to any platform or browser by getting a notification to their phone https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless

Other websites says Yes Yes Yes Can anyone clarify??

Very vague questions. In my opinion it should be: YES YES YES

The first one appears to be correct. Maybe its the phrase "any platform or browser" as there may be some that don't allow it? "The Authenticator app can help prevent unauthorized access to accounts and stop fraudulent transactions by pushing a notification to your smartphone or tablet. Users view the notification, and if it's legitimate, select Verify. Otherwise, they can select Deny." The third one looks correct. The only thing I can see is;"OATH hardware tokens are supported as part of a public preview" (but the question doesn't mention support?) https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-oath-tokens

Why is the first and third answer not "yes" ? What am I missing?