Have you failed a job interview?
Send us your job interview questions and get correct answers.

Do you recommend to use per-user MFA or conditional access policies of Azure AD Identity Protection?

Experience Level: Senior
Tags: Azure Active DirectoryAzure AD Conditional AccessAzure Cloud

Answer

Enabling Azure AD Multi-Factor Authentication using Conditional Access policies is the recommended approach to protect users. Conditional Access is an Azure AD Premium P1 or P2 feature that lets you apply rules to require MFA as needed in certain scenarios.

For Azure AD free tenants without Conditional Access, you can use security defaults to protect users. Users are prompted for MFA as needed, but you can't define your own rules to control the behavior.

If needed, you can instead enable each account for per-user Azure AD Multi-Factor Authentication. When users are enabled individually, they perform multi-factor authentication each time they sign in (with some exceptions, such as when they sign in from trusted IP addresses or when the remember MFA on trusted devices feature is turned on).

Comments

No Comments Yet.
Be the first to tell us what you think.
Azure Conditional Access
Azure Conditional Access

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
Azure Active Directory
Azure Active Directory

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
AZ-304 Microsoft Azure Architect Design Preparation
AZ-304 Microsoft Azure Architect Design Preparation

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself