Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AZD) tenant named contoso.com. The tenant contains a group named Group1. Group1 contains all the administrative user accounts.
You discover several login attempts to the Azure portal from countries where administrative users do NOT work.
You need to ensure that all login attempts to the Azure portal from those countries require Azure Multi-Factor Authentication (MFA).
Solution: Create an Access Review for Group1.
Does this solution meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
No, creating an Access Review for Group1 does not meet the stated goal of requiring Azure Multi-Factor Authentication (MFA) for login attempts to the Azure portal from countries where administrative users do NOT work.
An Access Review is a process that helps organizations to review and manage group membership in Azure AD. It is used to identify and remove unnecessary or outdated memberships from groups. An Access Review does not have any direct relationship with the MFA requirement for login attempts.
To require MFA for login attempts from specific countries, you can use Azure Conditional Access policies. Azure Conditional Access policies allow you to evaluate conditions based on various factors such as user, device, location, application, and risk. You can create a new Conditional Access policy that targets the Azure portal and requires MFA for login attempts from specific countries. You can then assign the policy to the necessary user or group (in this case, Group1).
To summarize, creating an Access Review for Group1 does not meet the stated goal of requiring MFA for login attempts from specific countries. Instead, you should create a Conditional Access policy that targets the Azure portal and requires MFA for login attempts from specific countries, and then assign the policy to Group1.