What should you do?

Posted by: Pdfprep Category: AZ-303 Tags: , ,

Your company has an Azure subscription.

You enable multi-factor authentication (MFA) for all users.

The company’s help desk reports an increase in calls from users who receive MFA requests while they work from the company’s main office.

You need to prevent the users from receiving MFA requests when they sign in from the main office.

What should you do?
A . From Azure Active Directory (Azure AD), configure organizational relationships.
B . From the MFA service settings, create a trusted IP range.
C . From Conditional access in Azure Active Directory (Azure AD), create a custom control.
D . From Conditional access in Azure Active Directory (Azure AD), create a named location.

Answer: B

Explanation:

The first thing you may want to do, before enabling Multi-Factor Authentication for any users, is to consider configuring some of the available settings. One of the most important features is a trusted IPs list. This will allow you to whitelist a range of IPs for your network. This way, when users are in the office, they will not get prompted with MFA, and when they take their devices elsewhere, they will. Here’s how to do it:

Log in to your Azure Portal.

Navigate to Azure AD > Conditional Access > Named locations.

From the top toolbar select Configure MFA trusted IPs.

References: https://www.kraftkennedy.com/implementing-azure-multi-factor-authentication/

Leave a Reply

Your email address will not be published.