ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 2 question 116 discussion

Actual exam question from Microsoft's AZ-500
Question #: 116
Topic #: 2
[All AZ-500 Questions]

HOTSPOT
-

Your network contains an on-premises Active Directory domain that syncs to a Microsoft Entra tenant. The tenant contains the users shown in the following table.



The tenant contains the groups shown in the following table.



You configure a multi-factor authentication (MFA) registration policy that has the following settings:

• Assignments:
o Include: Group1
o Exclude: Group2
• Controls: Require Azure MFA registration
• Enforce Policy: On

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by danielklein09 at April 23, 2024, 12:34 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jimmy500
Highly Voted 1 year, 1 month ago
I think answer should be Yes,No,Yes. Here On-premisses sync does not make any sense as MFA applies user in the Azure if users already synced to Azure we are free to enforce mfa to them (question says users are already in Entra Id) So feel free to Mfa
upvoted 14 times
...
belyo
Most Recent 2 months, 3 weeks ago
funny how it states users arent synced, but at the same time ask on next Entra authentication... how can you not exist in entra and in the same time being auth against it
upvoted 1 times
rvln7
1 week, 6 days ago
"Your network contains an on-premises Active Directory domain that syncs to a Microsoft Entra TENANT. The TENANT contains the users shown in the following table." read the f question bro its YES-NO-YES
upvoted 1 times
...
...
alzdashti
3 months ago
No, No, Yes The answer is correct. User 1 and User 2 are not synced, so they cannot even log in to Entra.
upvoted 2 times
...
schpeter_091
8 months, 1 week ago
a bit off topic, but still relevant for the future: From 2025 January: ""We're removing the option to skip multifactor authentication (MFA) registration for 14 days when security defaults are enabled. This means all users will be required to register for MFA on their first login after security defaults are turned on," said Microsoft's Nitika Gupta.
upvoted 4 times
8de3321
8 months, 1 week ago
Wow, something new to learn all the time huh? By the way, when are you planning to take the exam? I already did one but failed.
upvoted 2 times
...
...
pentium75
1 year ago
User1: Yes (policy applies) User2: No (excluded from policy) User3: Yes (policy applies, that is synced from on-premises AD is irrelevant)
upvoted 4 times
8de3321
8 months, 1 week ago
This website is cringe, getting the answers wrong and I cannot believe I paid for this service.
upvoted 3 times
...
...
SimarS
1 year, 1 month ago
Why User1 will not be prompted to configure MFA registration and User3 have to register for MFA? The only difference I can see - For User1 On-premises sync is not enabled but for User3 it is enabled.
upvoted 1 times
8de3321
8 months, 1 week ago
All user excepted User 2 will be prompted to set up MFA. This website got the answers wrong. The answer is Y-N-Y.
upvoted 1 times
...
...
Apptech
1 year, 2 months ago
I go for YNN. User1: see Pambans explanation. User2: group exclusion overrides 3. synched user will also get registration promt. He is not forced toi register for 14 days, but the promt will appear
upvoted 1 times
Apptech
1 year, 2 months ago
sorry for mistyping: in conclusion to my explanations YNY
upvoted 5 times
...
...
Pamban
1 year, 3 months ago
I think box 1 should be YES explanation: When an administrator enables the Identity Protection policy requiring Microsoft Entra multifactor authentication registration, it ensures that users can use Microsoft Entra multifactor authentication to self-remediate in the future. Configuring this policy gives your users a 14-day period where they can choose to register and at the end are forced to register. https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-user-experience#multifactor-authentication-registration
upvoted 3 times
...
Apptech
1 year, 3 months ago
Even if User2 would be a synched account he wouldn't need to register for MFA because group exclusion overrides in this case
upvoted 2 times
...
danielklein09
1 year, 3 months ago
Agree, only User 3 is synced sonhe will need MFA
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel