Your company wants to enable multi-factor authentication (MFA) for all logins but the company does not have Azure AD Premium P1 or P2 licenses.
Which option does the company have to enable MFA in this case?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: D
Conditional Access Policies can be implemented only with Azure AD Premium P1 or P2 licenses.
Azure Blueprints and Azure policies have no effect on the user logins.
Azure Security Defaults can be used to enforce MFA for all user logins and there is no need for an Azure AD Premium license.
Option A is incorrect.
Azure policies have no effect on the user logins.
Option B is incorrect.
Azure blueprints also have no effect on the user logins.
Option C is incorrect.
Conditional Access Policies can be implemented only with Azure AD Premium P1 or P2 licenses.
Option D is correct.
Azure Security Defaults can be used to enforce MFA for all user logins and there is no need for an Azure AD Premium license.
To know more about the security defaults, please visit the below-given link:
In order to enable multi-factor authentication (MFA) for all logins, the company needs Azure AD Premium P1 or P2 licenses. However, if the company does not have these licenses, they have some other options to enable MFA as well. The options are:
A. Azure Policies: Azure Policies are a set of rules that can enforce different kinds of governance in Azure. They can help you enforce policies like MFA by setting certain conditions on user accounts. For example, you can set a policy that requires MFA for all users in a specific group. However, Azure Policies alone cannot enforce MFA. They can only set conditions on user accounts.
B. Azure Blueprint: Azure Blueprint is a feature in Azure that allows you to create a set of governance artifacts that can be applied to your Azure environment. Blueprints can include policies, role assignments, and other settings. They can help you enforce MFA by including policies that require MFA for all users. However, like Azure Policies, Azure Blueprint alone cannot enforce MFA. They can only set conditions on user accounts.
C. Conditional Access Policy: Conditional Access Policy is a feature in Azure AD that allows you to set policies that control how and when users can access your Azure resources. You can set policies that require MFA for all users or for specific groups of users. Conditional Access Policy is a feature available in Azure AD Free and Azure AD Premium P1 licenses.
D. Azure Security Defaults: Azure Security Defaults is a feature in Azure that enables a set of predefined security configurations that help protect your organization's resources. One of these configurations is requiring MFA for all users. Azure Security Defaults is available to all Azure AD tenants and does not require any additional licensing.
In summary, if your company does not have Azure AD Premium P1 or P2 licenses and wants to enable MFA, they can use Azure Policies or Azure Blueprint to set conditions on user accounts, but cannot enforce MFA. Alternatively, they can use Conditional Access Policy or Azure Security Defaults to require MFA for all users.