You are developing a web app that uses Azure Active Directory (Azure AD) for authentication.
You want to configure the web app to use multifactor authentication.
What should you do?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
MFA is enabled by conditional access policy.
It is the most flexible means to enable two-step verification for your users.
Enabling using conditional access policy only works for Azure MFA in the cloud and is a premium feature of Azure AD.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstartedTo configure a web app to use multifactor authentication with Azure Active Directory (Azure AD), you should create a conditional access policy in Azure AD. This policy will require users to provide additional authentication factors beyond just a username and password when accessing the web app.
Option A, enabling mobile app authentication, is not sufficient for multifactor authentication. While it does provide an additional authentication factor, it is not the only one needed for true multifactor authentication.
Option B, enabling the baseline policy in Azure AD conditional access, is also not sufficient. The baseline policy only requires a single authentication factor, such as a password, and does not meet the requirements for multifactor authentication.
Option D, installing the Azure Multi-Factor Authentication Server, is not necessary in this scenario. The Azure Multi-Factor Authentication Server is a software package that provides on-premises multifactor authentication, and is not needed for configuring multifactor authentication for a web app using Azure AD.
Therefore, the correct answer is option C, creating a conditional access policy in Azure AD. This policy can be configured to require multiple authentication factors, such as a password and a phone-based authentication code or biometric factor, before allowing access to the web app.