Mastering Multifactor Authentication (MFA)

Questions and Answers

Which of the following is a benefit of implementing MFA multifactor authentication?

Increased data storage capacity

Enhanced security by using a second form of authentication (correct)

Improved application performance

Streamlined user experience

What should organizations consider when choosing authentication methods for Microsoft Entra multifactor authentication?

The compatibility of each authentication method with other systems

The cost of each authentication method

The number of available authentication methods

The strength and security of each authentication method (correct)

Which authentication method is recommended for the best flexibility and usability in Microsoft Entra multifactor authentication?

SMS codes

Phone call verification

Microsoft Authenticator app (correct)

Email verification

Which organization sets the Authenticator Assurance Level 2 requirements?

National Institute of Standards and Technology (NIST)

Where can you configure Conditional Access policies in the Microsoft Entra admin center?

Protection > Conditional Access

What is one use case for requiring Microsoft Entra multifactor authentication?

Named locations

What is the recommended approach for prompting users for credentials in a multifactor authentication deployment?

Use devices with Primary Refresh Tokens (PRT)

Which of the following can be used to prompt users to set up the Microsoft Authenticator app during sign-in?

Conditional Access policies

Which method is recommended to secure the security registration process when users don't have licenses for Microsoft Entra ID Protection?

Require trusted devices and locations

What can be used as a backup method for users registered for MFA?

Microsoft Authenticator app

What is recommended for applications that are using RADIUS authentication?

Move to modern protocols like SAML or OAuth

Which of the following is a benefit of enabling the remember multifactor authentication feature?

Enables users to bypass authentication prompts

When the remember multifactor authentication feature is enabled, how often do modern authentication clients normally prompt for authentication?

Every 180 days

What is one potential drawback of enabling the remember multifactor authentication feature?

Increases the number of authentications for web apps

Which section provides reporting and troubleshooting information for Microsoft Entra multifactor authentication?

Reporting and Monitoring

What can you monitor using the Authentication Methods Activity dashboard?

User registration and usage of authentication methods

Which settings are available for configuring account lockout in Microsoft Entra multifactor authentication?

Account lockout (MFA Server only)

What happens when a user's device is lost or stolen in Microsoft Entra multifactor authentication?

The user's account is denied access for a specific period of time

Which feature of Microsoft Entra multifactor authentication bypasses multifactor authentication prompts for users who sign in from a defined IP address range?

Trusted IPs

Where can you access the service settings for Microsoft Entra multifactor authentication?

Microsoft Entra admin center

When is multifactor authentication required for browser flows and app passwords for older rich-client applications?

When trusted IPs feature is disabled

What does the remember multifactor authentication feature in Microsoft Entra do?

Allows users to bypass verification for a specified number of days

Which report will show a sign-in that was rejected by the user when they report a suspicious MFA prompt?

Sign-ins report

Which feature allows you to keep your tenant-wide Fraud Alert functionality while using Report suspicious activity with a targeted test group?

Manage suspicious activity events

Which type of tokens does Microsoft Entra ID support for use in multifactor authentication?

OATH TOTP SHA-1 tokens

What is the default phone number used by Microsoft for MFA voice calls in the United States?

+1 (855) 330-8653