You configure a new Microsoft 365 tenant to use a default domain name of contoso.com.
You need to ensure that you can control access to Microsoft 365 resources by using conditional access policies.
What should you do first?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaultsTo control access to Microsoft 365 resources by using conditional access policies, you should first disable Security defaults.
Security defaults are a set of pre-configured security settings that Microsoft recommends for all Microsoft 365 organizations. They include settings for MFA, self-service password reset, and other security features. However, Security defaults do not support conditional access policies, which are used to control access to resources based on certain conditions, such as user location, device type, and so on.
To use conditional access policies, you need to disable Security defaults and then enable and configure the appropriate policies.
Option A, "Disable the User consent settings," is not related to conditional access policies. User consent settings refer to the ability of users to grant third-party apps access to their Microsoft 365 data.
Option C, "Configure a multi-factor authentication (MFA) registration policy," is also not the first step in enabling conditional access policies. While MFA is an important security measure, it is not necessary to configure it before enabling conditional access policies.
Option D, "Configure password protection for Windows Server Active Directory," is also not related to conditional access policies or Microsoft 365. Password protection for Windows Server Active Directory is a separate security feature that helps protect against password-based attacks.
In summary, to ensure that you can control access to Microsoft 365 resources by using conditional access policies, you should first disable Security defaults.