Practice free →
HomeAzure AZ-500cloudcomputingaz500identityaccess › Which Microsoft Entra ID feature should an engin…

Which Microsoft Entra ID feature should an engineer use to require MFA only when sign-in risk is elevated (unfamiliar location, anonymous IP, leaked credentials)?

AConditional Access policies (often with Identity Protection signals)
BStatic MFA-always-or-never with no risk evaluation
CDisabling MFA when users complain
DSharing TOTP seeds via email
Answer & Solution
Correct answer: A. Conditional Access policies (often with Identity Protection signals)
Conditional Access + Identity Protection give adaptive MFA (per AZ-500 §1 Conditional Access). The other options weaken security.
Solve this in the app — Azure AZ-500 practice & 24k+ MCQs →
Related questions