Achieving Your Goal with the Right Tool

Correct Answer: D

If you need to block access to the model-driven apps outside of your company's office, you need to set up Azure Active Directory (Azure AD) Conditional access.

All users accessing Dataverse data are authenticated by Azure AD.

If you have a Premium Subscription to Azure AD, you can use the Conditional Access functionality.

It will help you block user access to Dataverse and the model-driven apps based on location - office IPs.

You can create groups for selective assignments and select Dataverse as a Cloud app for Conditional Access policy application.

Option A is incorrect because the Power Platform admin center is an administrative portal for managing the environments and settings for Power Apps, Power Automate, and Dynamics 365 products.

It does not have the functionality to limit access to Power Apps based on location.

Option B is incorrect because Microsoft 365 admin center is a unified administrative portal for access to all admin centers, like Power Platform (Power Apps, Power BI, and Power Automate), Azure AD, SharePoint Admin center, Teams, etc.

For Power Platform administrators, Microsoft 365 admin center is the primary point for managing accounts, users, and product subscriptions.

But it does not have the functionality to limit access to Power Apps based on location.

Option C is incorrect because Microsoft Trust Center is a web resource with information about how Microsoft implements and supports data security, privacy, transparency, and compliance in its products and services.

It does not have the functionality to limit access to Power Apps based on location.

Option E is incorrect because Azure Service Health service provides information about Azure services' health and helps users address and support Azure issues affecting their operations.

It does not have the functionality to limit access to Power Apps based on location.

For more information about Power Platform Conditional Access, please visit the below URL:

To limit the use of model-driven apps to your company's office, you can use Azure AD Conditional Access.

Azure AD Conditional Access is a tool that allows you to create policies that control access to your organization's resources based on specific conditions. With Azure AD Conditional Access, you can set policies that require users to authenticate using specific factors, such as multi-factor authentication (MFA), or only allow access from specific locations, such as your company's office.

Here are the steps you can follow to set up Azure AD Conditional Access to limit the use of model-driven apps to your company's office:

1. Go to the Azure portal and sign in with your admin credentials.
2. Navigate to Azure Active Directory and select Conditional Access.
3. Click on New Policy to create a new policy.
4. Give the policy a name that reflects its purpose.
5. In the Users and groups section, select the users or groups that the policy will apply to.
6. In the Cloud apps or actions section, select the model-driven app that you want to limit access to.
7. In the Conditions section, select the Locations condition and set it to your company's office location.
8. Review and adjust any other conditions that may be relevant to your organization's needs.
9. In the Access controls section, configure the desired access control settings, such as requiring MFA or blocking access entirely.
10. Save the policy and verify that it is active.

By following these steps, you can limit the use of model-driven apps to only those users who are accessing them from your company's office, thus increasing the security of your organization's data and resources.