Your network contains an on-premises Active Directory and an Azure Active Directory (Azure AD) tenant.
You deploy Azure AD Connect and configure pass-through authentication?
Your Azure subscription contains several web apps that are accessed from the Internet.
You plan to enable Azure Multi-Factor Authentication (MFA) for the Azure tenant.
You need to recommend a solution to prevent users from being prompted for Azure MFA when they access the web apps from the on-premises network.
What should you include in the recommendation?
A . a site-to-site VPN between the on-premises network and Azure
B . an Azure policy
C . an Azure ExpressRoute circuit
D . trusted IPs
Answer: D
Explanation:
The Trusted IPs feature of Azure Multi-Factor Authentication is used by administrators of a managed or federated tenant. The feature bypasses two-step verification for users who sign in from the company intranet. The feature is available with the full version of Azure Multi-Factor Authentication, and not the free version for administrators.
References: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips
Leave a Reply