Configuring Notifications for Multi-Factor Authentication (MFA) | Microsoft 365 Tenant

Block Users Reporting Unauthorized MFA Requests

Question

Note: This question is part of a series of questions that present the same scenario.

Each question in the series contains a unique solution that might meet the stated goals.

Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it.

As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant.

All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.

Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

You need to block the users automatically when they report an MFA request that they did not initiate.

Solution: From the Azure portal, you configure the Notifications settings for multi-factor authentication (MFA).

Does this meet the goal?

Answers

Explanations

A. B.

B.

You need to configure the fraud alert settings.

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings

The solution proposed in the question is not adequate to meet the stated goal. Configuring the Notifications settings for multi-factor authentication (MFA) in the Azure portal will allow an administrator to receive notifications when a user receives an MFA request, but it does not enable an automatic block of users when they report an MFA request that they did not initiate.

To meet the stated goal, a more appropriate solution would be to configure Conditional Access policies in the Azure Active Directory (Azure AD) portal. With Conditional Access policies, an administrator can define the conditions under which users can access Microsoft 365 services, including requirements for MFA.

To block users automatically when they report an MFA request that they did not initiate, an administrator could configure a Conditional Access policy that requires a user-initiated sign-in request before prompting for MFA. This policy could then be targeted to the group of affected users, effectively preventing them from accessing Microsoft 365 services until they contact the administrator to resolve the issue.

In summary, while configuring notifications for MFA in the Azure portal may be useful for monitoring MFA activity, it does not provide an automatic block for users who report unauthorized MFA requests. To achieve that goal, an administrator would need to configure a Conditional Access policy that requires a user-initiated sign-in request before prompting for MFA.