What should you do?

Posted by: Pdfprep Category: AZ-104 Tags: , , Post Date: May 30, 2021

You have an Azure Active Directory (Azure AD) tenant named contoso.com. Multi-factor authentication (MFA) is enabled for all users.

You need to provide users with the ability to bypass MFA for 10 days on devices to which they have

successfully signed in by using MFA.

What should you do?

A. From the multi-factor authentication page, configure the users’ settings.

B. From Azure AD, create a conditional access policy.

C. From the multi-factor authentication page, configure the service settings.

D. From the MFA blade in Azure AD, configure the MFA Server settings.

Answer: C

Explanation:

Enable remember Multi-Factor Authentication

✑ Sign in to the Azure portal.

✑ On the left, select Azure Active Directory > Users.

✑ Select Multi-Factor Authentication.

✑ Under Multi-Factor Authentication, select service settings.

✑ On the Service Settings page, manage remember multi-factor authentication, select the Allow users to remember multi-factor authentication on devices they trust option.

✑ Set the number of days to allow trusted devices to bypass two-step verification. The default is 14 days.

✑ Select Save.

References: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings

Author

Leave a Reply

Your email address will not be published.