ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 2 question 37 discussion

Actual exam question from Microsoft's AZ-500
Question #: 37
Topic #: 2
[All AZ-500 Questions]

HOTSPOT -
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The tenant contains the users shown in the following table.

The tenant contains the groups shown in the following table.

You configure a multi-factor authentication (MFA) registration policy that has the following settings:
✑ Assignments:
- Include: Group1
- Exclude: Group2
✑ Controls: Require Azure MFA registration
✑ Enforce Policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
by gcpbrig01 at March 13, 2021, 1:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jhonsteve83
Highly Voted 4 years, 3 months ago
Answer is correct : Yes-No-Yes
upvoted 66 times
...
teehex
Highly Voted 4 years, 1 month ago
the only exception here is User2 because it belongs to Group2 which is excluded in the Policy. Yes - No - Yes
upvoted 24 times
...
SofiaLorean
Most Recent 3 months ago
Yes, No, Yes
upvoted 1 times
...
goalkiller
1 year, 2 months ago
in exam today 53 q 5 casestudy -- no lab -- (in test center)
upvoted 5 times
wydad
1 year, 1 month ago
there is any news questions, not listed in this dump ?
upvoted 1 times
...
...
Weerayuth
1 year, 5 months ago
I am not sure about "MFA registration" and "during the user's next Azure AD authentication". For the next Azure AD authentication one should not conduct "MFA registration" again since he/she shoul already did the MFA registration.
upvoted 1 times
pentium75
11 months ago
Question assumes that "you configure MFA", which indicates that it hasn't been configured before and your users are not registered yet.
upvoted 1 times
...
xRiot007
11 months, 2 weeks ago
Not if the user has legacy login without MFA, prior to this.
upvoted 1 times
...
...
heatfan900
1 year, 10 months ago
Y = USER 1 IS ONLY ASSIGNED TO GROUP 1 WHICH ENFORCES MFA REGISTRATION. N = USER 2 BELONGS TO, BOTH, GROUP 1 AND 2 WHICH IS EXCLUDED. WHEN THERE IS A CONFLICT THE EXCLUSION WINS OUT. Y = USER 3 BELONGS SOLELY TO GROUP 1 AS DOES USER 1 AND WILL NEED TO REGISTER WITH MFA DO TO THE ENFORECMENT.
upvoted 19 times
...
timHAG
1 year, 10 months ago
isn't user three bieng in differeing onprem active directory? hence AAD MFA would not apply to him? hence third option is NO
upvoted 2 times
...
ESAJRR
1 year, 11 months ago
YES NO YES
upvoted 2 times
...
zellck
2 years, 1 month ago
YNY is the answer. https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy#policy-configuration Under Exclude, select Users and groups and choose your organization's emergency access or break-glass accounts.
upvoted 2 times
...
majstor86
2 years, 3 months ago
YES NO YES
upvoted 3 times
...
samimshaikh
2 years, 4 months ago
f a user (User B) is a member of two groups in Azure AD (Group 1 and Group 2), and an MFA policy is enforced only for Group 1, while Group 2 is excluded, the following will occur when User B logs on: If User B attempts to access a resource that is protected by the MFA policy and they are accessing the resource as a member of Group 1, they will be prompted to perform MFA. If User B attempts to access a resource that is not protected by the MFA policy, or if they are accessing the resource as a member of Group 2, they will not be prompted to perform MFA. In other words, the MFA policy will only apply to User B when they access resources as a member of Group 1. When accessing resources as a member of Group 2, the user will not be required to perform MFA. In this case, Group 2 user is accessing resources which excluded for MFA... I am satisfied with answer Yes, No, Yes
upvoted 2 times
...
certmonk
3 years, 1 month ago
The magic statement is "Require mfa REGISTRATION"
upvoted 4 times
...
Eltooth
3 years, 3 months ago
Yes - No _ Yes is correct answer.
upvoted 1 times
...
siobhan1
3 years, 3 months ago
## On today's exam 03/12/2022 ##
upvoted 4 times
...
cfsxtuv33
3 years, 4 months ago
Hey look at that...they got it right!
upvoted 7 times
macka2005
2 years, 6 months ago
For a change...
upvoted 2 times
...
...
CJ32
3 years, 4 months ago
YES - NO - YES Exclusion takes precedence over inclusion
upvoted 1 times
...
Cessyd
3 years, 5 months ago
On today's exam 06/01/22
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel