Enable Two-Step Verification for Azure Users

C

The correct answer is C. Create an Azure AD conditional access policy.

Two-step verification adds an extra layer of security to user accounts by requiring a second form of authentication, in addition to a password, to verify the identity of the user. This can help prevent unauthorized access to sensitive data or resources.

To enable two-step verification for Azure users, you can create an Azure AD conditional access policy. A conditional access policy is a set of rules that define when and how users can access Azure resources, based on specific conditions or criteria.

To create a conditional access policy for two-step verification, follow these steps:

1. Sign in to the Azure portal as a global administrator for the Azure AD tenant.
2. Navigate to Azure Active Directory > Security > Conditional access.
3. Click the + New policy button to create a new policy.
4. Give the policy a name and description that indicates it is for two-step verification.
5. In the Assignments section, select the users or groups that should be subject to the policy. You can select all users or specific groups.
6. In the Conditions section, select the conditions that must be met for the policy to apply. In this case, select the condition for two-step verification.
7. In the Access controls section, specify what actions should be taken when the policy is applied. For example, you can require users to use the Microsoft Authenticator app for two-step verification.
8. Click Create to save the policy.

Once the policy is created, it will apply to the selected users or groups, and they will be required to complete two-step verification when accessing Azure resources.