ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-304 All Questions

View all questions & answers for the AZ-304 exam
Go to Exam

Exam AZ-304 topic 2 question 25 discussion

Actual exam question from Microsoft's AZ-304
Question #: 25
Topic #: 2
[All AZ-304 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains a group named Group1. Group1 contains all the administrative user accounts.
You discover several login attempts to the Azure portal from countries where administrative users do NOT work.
You need to ensure that all login attempts to the Azure portal from those countries require Azure Multi-Factor Authentication (MFA).
Solution: Create an Access Review for Group1.
Does this solution meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by KumarPV at Dec. 10, 2020, 1:39 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
shashu07
Highly Voted 4 years, 4 months ago
Enable Conditional Access Policy
upvoted 34 times
j888
4 years, 1 month ago
I believed PIM is correct, as PIM main purpose is to restrict the admin access and it can as well forcing the requirement of MFA for Admin access. However, I do agree that if tehre is such a condition require for the unknown location to us MFA then this can be either conditional access (require p2 licence) or MFA service setting (you can place range of known IP addresses to not requiring IP add).
upvoted 2 times
yaiba
4 years, 1 month ago
P1 can do Multi-Factor Authentication with Conditional Access too.. https://azure.microsoft.com/en-us/pricing/details/active-directory/
upvoted 4 times
...
...
...
KumarPV
Highly Voted 4 years, 4 months ago
Agreed
upvoted 8 times
...
bootless
Most Recent 2 years, 8 months ago
Identity Protection with Conditional Access should work
upvoted 1 times
...
itenginerd
3 years, 1 month ago
Selected Answer: B
No, access reviews don't get it done. There are several ways to enable MFA without needing PIM, tho!
upvoted 1 times
...
Dawn7
3 years, 1 month ago
Selected Answer: B
Correct
upvoted 1 times
...
plmmsg
3 years, 1 month ago
Answer is NO
upvoted 1 times
...
Dawn7
3 years, 2 months ago
Selected Answer: B
I will go with NO.
upvoted 1 times
...
chichi0307
3 years, 6 months ago
correct a malicious actor getting access an authorized user inadvertently impacting a sensitive resour
upvoted 1 times
...
syu31svc
3 years, 7 months ago
Access reviews are used to access the memberships of users and groups defined in Azure AD Answer is clearly No
upvoted 3 times
...
rajvelm
3 years, 10 months ago
Seems Y is correct answer
upvoted 1 times
mingled
3 years, 8 months ago
lol... N (or B)
upvoted 2 times
...
...
erickim007
3 years, 10 months ago
The answer is 'Yes' as we need to use Azure AD Conditional Access. PIM is great tool that work against Azure AD Permission, Azure Subscription Role, RBAC Permission. PIM wouldn't be used for Azure AD resources (e.g. security group or Application). Azure Management Configuration (i.e. allowed or not) can be completed in Azure AD User setting and MFA should be completed by Azure AD Conditional Access, and shouldn't be using PIM.
upvoted 1 times
pentium75
3 years, 8 months ago
Yes, "we need to use Azure AD Conditional Access", but the suggestion solution here is "an Access Review", which does NOT meet the goal, thus the Answer is NO.
upvoted 5 times
...
...
glam
4 years, 3 months ago
B. No ..........
upvoted 3 times
...
airairo
4 years, 3 months ago
came in the exam last month.
upvoted 3 times
...
kopper2019
4 years, 4 months ago
Enable Conditional Access Policy as well
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago