You are the Office 365 administrator for your company. The company uses Active Directory Federation Services (AD FS) to provide single sign-on to cloud-based services. You enable multi-factor authentication.
Users must NOT be required to use multi-factor authentication when they sign in from the company’s main office location.
However, users must be required to verify their identity with a password and token when they access resources from remote locations.
You need to configure the environment.
What should you do?
A . Disable AD FS multi-factor authentication.
B . Configure an IP blacklist for the main office location.
C . Disable the AD FS proxy.
D . Configure an IP whitelist for the main office location.
Answer: D
Explanation:
With ADFS you now get the option to whitelist an IP for multi-factor authentication (MFA).
For example, if you enable multi- factor authentication. Users must NOT be required to use multi-factor authentication when they sign in from the company’s main office location.
However, users must be required to verify their identity with a password and token when they access resources from remote locations.
Explanation:
https://msdn.microsoft.com/en-us/library/azure/dn807156.aspx