Questions
- Which of the following is not a possible response to a Conditional Access policy being triggered?
a. Requiring Azure Advanced Threat Protection
b. Requiring MFA
c. Requiring an approved client app
d. Requiring a device to be marked as compliant
- True or false: Conditional Access is included with an Azure AD Premium P1 license.
a. True
b. False
- Which of the following is not one of the baseline policies included with Azure AD Conditional Access?
a. Requiring MFA for admins
b. Blocking legacy authentication
c. End user protection
d. Blocking modern authentication
- What are two possible methods of bypassing Conditional Access?
a. Setting named locations in Azure AD
b. Using Role-Based Access Control (RBAC)
c. Setting up MFA-trusted IPs
d. Enabling self-service password reset
e. Enabling pass-through authentication
- True or false: With Intune, you can use device-based compliance and app-based compliance in conjunction with Conditional Access.
a. True
b. False
- Where would you look to monitor Conditional Access events?
a. The Intune dashboard under Client Apps | App protection policies
b. The Intune dashboard under Device compliance | Policies
c. The Azure portal under Azure Active Directory | Security | Conditional Access | Policies
d. The Azure portal under Azure Active Directory | Monitoring | Sign-ins
- Which of the following assignments can you use to set the conditions of a Conditional Access policy (choose three)?
a. Sign-in risks
b. Locations
c. MFA
d. Directory roles
e. Device platforms
- True or false: With the What if feature, you can test the impact of Conditional Access on a user when signing in under certain conditions.
a. True
b. False
- Which of the following is not an available device platform with Conditional Access?
a. Android
b. Windows Phone
c. macOS
d. Linux
e. Windows
- True or false: With Conditional Access, it is possible to both include and exclude users, groups, and cloud apps from policy assignments.
a. True
b. False