ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 4 question 33 discussion

Actual exam question from Microsoft's MS-500
Question #: 33
Topic #: 4
[All MS-500 Questions]

You have an Azure Active Directory (Azure AD) tenant that has a Microsoft 365 subscription.
You recently configured the tenant to require multi-factor authentication (MFA) for risky sign-ins.
You need to review the users who required MFA.
What should you do?

  • A. From the Microsoft 365 admin center, review a Security & Compliance report
  • B. From the Microsoft 365 Compliance center, run an audit log search and download the results to a CSV file
  • C. From the Azure Active Directory admin center, review the Authentication methods activities
  • D. From the Azure Active Directory admin center, download the sign-ins to a CSV file
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting
by maf001 at Nov. 29, 2020, 11:36 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
maf001
Highly Voted 4 years, 6 months ago
To review and understand Azure AD Multi-Factor Authentication events, you can use the Azure Active Directory (Azure AD) sign-ins report. This report shows authentication details for events when a user is prompted for multi-factor authentication, and if any Conditional Access policies were in use. For detailed information on the sign-ins report
upvoted 10 times
...
mkoprivnj
Most Recent 3 years, 6 months ago
Selected Answer: D
D is correct!
upvoted 2 times
...
Rstilekar
3 years, 6 months ago
You can use the Azure Active Directory (Azure AD) sign-ins report that shows authentication details for events when a user is prompted for MFA, and if any Conditional Access policies were in use.
upvoted 2 times
...
kiketxu
4 years, 2 months ago
I would say D as correct answer here, because I don't believe the answer C is up-to-date or isn't complete. I mean.... currently (3/21) you don't need to donwload the csv. Just go to: AAD blade -> Security (missing in the C answer) -> Authentication methods -> Registration and reset events (not activities like C answer) https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-methods-activity#registration-and-reset-events
upvoted 4 times
Robert__Susin
3 years, 10 months ago
I dont see where registration and reset of MFA relates to MFA prompt for risky sign-ins/risky users
upvoted 2 times
...
kiketxu
4 years, 2 months ago
*is complete
upvoted 2 times
...
...
PattiD
4 years, 5 months ago
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting#powershell-reporting-on-users-registered-for-mfa
upvoted 1 times
...
PattiD
4 years, 5 months ago
Correct Answer: D
upvoted 1 times
...
PattiD
4 years, 5 months ago
Get-MsolUser -All | Select-Object @{N='UserPrincipalName';E={$_.UserPrincipalName}}, @{N='MFA Status';E={if ($_.StrongAuthenticationRequirements.State){$_.StrongAuthenticationRequirements.State} else {"Disabled"}}}, @{N='MFA Methods';E={$_.StrongAuthenticationMethods.methodtype}} | Export-Csv -Path c:\MFA_Report.csv -NoTypeInformation
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel