ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 7 question 2 discussion

Actual exam question from Microsoft's MS-500
Question #: 2
Topic #: 7
[All MS-500 Questions]

HOTSPOT -
You are evaluating which finance department users will be prompted for Azure MFA credentials.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
by Chris7910 at Sept. 26, 2022, 7:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Unicorn02
Highly Voted 2 years, 5 months ago
Y-Y-N seems correct. Only 198.35.3.0/24 originating requests are defined here to bypass MFA, anthing else will be prompted for MFA. A trusted/named location is not necessarily excluded from MFA. This would only be the case, if defined as such in a conditional access policy. Talking from experience :-)
upvoted 5 times
...
pete26
Most Recent 2 years, 6 months ago
In my opinion it should be N, Y, N: The Montreal “name location” is defined in Azure AD as trusted – No MFA needed. - NO The home user’s IP Is not in the trusted IP list – he will be prompted for Authentication - YES “From the Multi-Factor Authentication page, an address space of 198.35.3.0/24 is defined in the trusted IPs list” – based on this New York office user will not be prompted for MFA - NO
upvoted 3 times
c95
2 years, 4 months ago
Same for me the location is under "named location" and is trusted so a trusted location won't get the MFA request as far as I know.
upvoted 1 times
...
EzeQ
2 years, 5 months ago
add that a "named location" by itself won't do a thing, it needs a Conditional Access rule to determine what happens in that location
upvoted 2 times
...
skycrap
2 years, 6 months ago
Named locations with private ip's are not supported: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
upvoted 6 times
...
...
Chris7910
2 years, 7 months ago
Shouldnt it be NYN?
upvoted 2 times
yoton
2 years, 7 months ago
Explain? I assuming you may think this because the Montreal location is Trusted. If that is so, I agree with you but I'm not 100% sure if that is the correct answer.
upvoted 1 times
Sekoume
2 years, 7 months ago
why NY need MFA ? It's not trusted
upvoted 1 times
...
Chris7910
2 years, 6 months ago
@yoton6 Yes thought this because Montreal location is marked as trusted. @Sekoume6 Because NY is a namen location?
upvoted 2 times
PhyMac
2 years, 5 months ago
As Skycrap said, private ip in the named location can't work. So the box1 should be Yes. "Private IP ranges can't be configured" https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
upvoted 2 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago