Practice Test 2 | Microsoft Azure Security Technologies | AZ-500 | Dumps | Mock Test
A company has an Azure AD tenant named “whizlabs.com”. The Azure AD tenant has the following users defined.
| Name | Member Of | Mobile Phone | Multi-factor authentication status |
| whizlabusrA | whizlabgrpA | 345 677 8900 | Disabled |
| whizlabusrB | whizlabgrpA , whizlabgrpB | None | Enabled |
| whizlabusrC | whizlabgrpA | 345 877 9000 | Enforced |
The company creates and enforces an Azure AD Identity Protection user risk policy that has the following settings-
- The risk policy is applied to include group “whizlabgrpA” and excludes “whizlabgrpB”
- The conditions use a sign-in risk of Medium or above.
- The Access is mentioned to “Allow access” and requires a password change.
If the user “whizlabusrB” signs in from an anonymous IP address, would the user be required to change the password?
A. Yes
B. No
Correct Answer – B
Here user whizlabusrB is a member of both user group whizlabgrpA & whizlabgrpB and MFA policy applied to include group “whizlabgrpA” and exclude “whizlabgrpB”
MFA status:
Enabled: The user has been enrolled in MFA but has not completed the registration process.
The question is about the change of password and not for registration.
Enforced: Azure AD Multi-Factor Authentication is required at sign-in.
Hence user whizlabusrB will not be prompted to change the password.
Reference:
Comments are closed, but trackbacks and pingbacks are open.