Secure Azure AD Management for On-Premises Network | Exam AZ-304

Question

You have a hybrid deployment of Azure Active Directory (Azure AD).

You need to recommend a solution to ensure that the Azure AD tenant can be managed only from the computers on your on-premises network.

What should you include in the recommendation?

Answers

Explanations

A. B. C. D.

A

To ensure that the Azure AD tenant can be managed only from the computers on your on-premises network, you can recommend implementing a conditional access policy.

A conditional access policy is used to enforce access controls based on certain conditions, such as user location, device compliance, and risk level. In this case, you can create a policy that only allows access to the Azure AD tenant from computers on the on-premises network. This can be achieved by configuring the policy to only grant access if the request is coming from a trusted IP address range associated with your on-premises network.

Azure AD roles and administrators, Azure AD Application Proxy, and Azure AD Privileged Identity Management are not suitable for this scenario.

Azure AD roles and administrators are used to manage access to Azure resources, not the Azure AD tenant itself.

Azure AD Application Proxy is used to securely publish on-premises web applications to external users, and does not restrict access to the Azure AD tenant from specific locations.

Azure AD Privileged Identity Management is used to manage and monitor privileged access to Azure resources, not to restrict access to the Azure AD tenant from specific locations.

Therefore, the correct answer is A. a conditional access policy.
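
The location-based policy described in the explanation, sketched as Microsoft Graph request bodies with an offline check of the location condition. This is an added example, not part of the original question. The CIDR ranges, display names and ID placeholders are constructed assumptions, and scoping the policy to the Azure management app is one possible choice of scope.

```python
import ipaddress

# Assumption: constructed documentation ranges standing in for the public
# egress IPs of the on-premises network. Conditional Access evaluates the
# public source address, not internal RFC 1918 addresses.
ONPREM_EGRESS = ["203.0.113.0/24", "198.51.100.16/28"]

def named_location(cidrs, name="On-premises egress"):
    """Microsoft Graph ipNamedLocation body marking the ranges as trusted."""
    return {
        "@odata.type": "#microsoft.graph.ipNamedLocation",
        "displayName": name,
        "isTrusted": True,
        "ipRanges": [{"@odata.type": "#microsoft.graph.iPv4CidrRange",
                      "cidrAddress": c} for c in cidrs],
    }

def block_outside_policy(location_id, break_glass_id):
    """conditionalAccessPolicy body: block everywhere except the named location."""
    return {
        "displayName": "Block Azure management outside on-premises",
        "state": "enabledForReportingButNotEnforced",  # report-only first
        "conditions": {
            # Exclude an emergency-access account so a wrong range cannot lock out the tenant.
            "users": {"includeUsers": ["All"], "excludeUsers": [break_glass_id]},
            # Windows Azure Service Management API (portal, CLI, PowerShell)
            "applications": {"includeApplications":
                             ["797f4846-ba00-4fd7-ba43-dac1f8f63013"]},
            "locations": {"includeLocations": ["All"],
                          "excludeLocations": [location_id]},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }

def would_block(source_ip, cidrs=ONPREM_EGRESS):
    """Offline check of the location condition for one sign-in source IP."""
    addr = ipaddress.ip_address(source_ip)
    return not any(addr in ipaddress.ip_network(c) for c in cidrs)

if __name__ == "__main__":
    import json
    print(json.dumps(block_outside_policy("<named-location-id>",
                                          "<break-glass-object-id>"), indent=2))
    # Constructed sample sign-in source addresses.
    for ip in ("203.0.113.40", "198.51.100.40", "192.0.2.7"):
        print(ip, "blocked" if would_block(ip) else "allowed")
```

The policy starts in report-only state so the sign-in logs can confirm that the listed ranges match the real egress addresses before the block is enforced.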