ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-101 All Questions

View all questions & answers for the MD-101 exam
Go to Exam

Exam MD-101 topic 5 question 31 discussion

Actual exam question from Microsoft's MD-101
Question #: 31
Topic #: 5
[All MD-101 Questions]

HOTSPOT -
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You have the devices shown in the following table.

You have a Conditional Access policy named CAPolicy1 that has the following settings:
✑ Assignments
- Users or workload identities: Group1
- Cloud apps or actions: All cloud apps
✑ Conditions
- Device platforms: include: Windows, Android
- Grant access controls: Require multi-factor authentication
You have a Conditional Access named CAPolicy2 that has the following settings:
✑ Assignments
- Users or workload identities: Group2
- Cloud apps or actions: All cloud apps
✑ Conditions
- Device platforms: Android
- Access controls: Block access
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
by Nerovats74 at Oct. 1, 2022, 1:36 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Fedexxx92
Highly Voted 2 years, 7 months ago
Correct answer: 1- Y: User1, member of Group1, only CAPolicy1 will be applied, Device2 is Android so can access Microsoft Exchange Online but require MFA to Sign-In (Per Legacy MFA disabled dosn't mean anything, if the user has never register MFA, it will require to register at first sign-in) 2- Y: User2, member of both Group1 and Group2, CAPolicy1 will be applied and grant access with MFA prompt 3- N: User2, member of both Group1 and Group2, but CAPolicy2 Block access from Android Device take precedence over CAPolicy1
upvoted 15 times
...
Nerovats74
Highly Voted 2 years, 9 months ago
NYN, block for android
upvoted 13 times
...
raduM
Most Recent 2 years, 7 months ago
I stand corrected if MFA is disabled then user 1 will not be able to connect, because he will not be prompted to configure mfa. so NYN
upvoted 4 times
AliNadheer
2 years, 4 months ago
i think you are right the first time.
upvoted 1 times
...
AliNadheer
2 years, 4 months ago
1- Yes; MFA is disabled on a group level and according to the conditional access policy created for group1 in this scenario, if any user in that group wants to access any cloud apps on any stated device the user will be forced to setup MFA to access so its not technically blocked but gated behind a condition so you have to meet a the condition to access requirment, on the other hand they can access non cloud app without mfa. 2-Yes; user meets the condition of CA policy applied on group1 and will be prompted with mfa to access on windows. 3-No: user because of CA policy 2, user will be prompted with mfa but will be blocked because of android
upvoted 2 times
...
...
raduM
2 years, 8 months ago
yyn. user1 will be required to configure mfa
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel