Your network contains an Active Directory domain named contoso.com that is federated to an Azure Active Directory (Azure AD) tenant. The on-premises domain contains a VPN server named Server1 that runs Windows Server 2016.
You have a single on-premises location that uses an address space of 172.16.0.0/16.
You need to implement two-factor authentication for users who establish VPN connections to Server1.
What should you include in the implementation?
A . In Azure AD, create a conditional access policy and a trusted named location
B . Install and configure Azure MFA Server on-premises
C . Configure an Active Directory Federation Services (AD FS) server on-premises
D . In Azure AD, configure the authentication methods. From the multi-factor authentication (MFA) service settings, create a trusted IP range
Answer: B
Explanation:
You need to download, install and configure the MFA Server.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfaserver-deploy
Leave a Reply