Block Legacy Authentication to Azure AD: Where to Look | Exam MS-500

Where to Look for Legacy Authentication in Azure AD

Question

This is part of a question set containing 2 questions: You are responsible for the Office 365 security in your organization.

You want to block legacy authentication to Azure AD as these protocols do not support MFA.

First you need to know if your users have apps that use legacy authentication.

Where should you look?

Answers

Explanations


A. B. C. D.

Correct Answer: C

You can determine who is using legacy authentication by navigating to Azure portal -> Azure Active Directory -> Sign-ins (under Monitoring).

Choose the Client app column (add it from the Columns menu if it is not shown).

Filter the column and tick every legacy authentication client option: Authenticated SMTP, Autodiscover, Exchange ActiveSync, Exchange Online PowerShell, Exchange Web Services, IMAP4, MAPI over HTTP, Offline Address Book, Other clients, Outlook Anywhere (RPC over HTTP), POP3 and Reporting Web Services. Anything that is not Browser or Mobile Apps and Desktop clients is a legacy client.

Filter by Status: Success, so that you see the users and apps that actually authenticate this way rather than failed attempts. Keep in mind that the portal retains sign-in logs for only 7 days on Azure AD Free and 30 days on Azure AD Premium P1/P2, so look across a long enough window to catch infrequent clients (a monthly reporting job, for example).

MFA features by Azure AD license (the comparison table the explanation reproduces):

| Feature | Azure AD Free - Security defaults | Azure AD Free - Global Administrators | Microsoft 365 apps | Azure AD Premium P1 or P2 |
|---|---|---|---|---|
| Protect Azure AD tenant admin accounts with MFA | Yes | Yes (Azure AD Global Administrator accounts only) | Yes | Yes |
| Mobile app as a second factor | Yes | Yes | Yes | Yes |
| Phone call as a second factor | | Yes | Yes | Yes |
| SMS as a second factor | | Yes | Yes | Yes |
| Admin control over verification methods | | Yes | Yes | Yes |
| Fraud alert | | | | Yes |
| MFA Reports | | | | Yes |
| Custom greetings for phone calls | | | | Yes |
| Custom caller ID for phone calls | | | | Yes |
| Trusted IPs | | | | Yes |
| Remember MFA for trusted devices | | Yes | Yes | Yes |
| MFA for on-premises applications | | | | Yes |

Note that this table lists which MFA features each license includes. Blocking legacy authentication selectively with a Conditional Access policy requires Azure AD Premium P1 or P2; security defaults, available on Azure AD Free, block legacy authentication tenant-wide without any per-user configuration.

Option A is incorrect.

Azure AD Connect synchronises on-premises Active Directory users and groups to Azure AD and lets you manage the sync configuration in the cloud. It holds no sign-in telemetry, so it cannot tell you which clients authenticate with legacy protocols.

Option B is incorrect.

Azure Active Directory Logs (the Log Analytics integration) runs Kusto queries against sign-in and audit data, but only after diagnostic settings have been configured to stream that data to a Log Analytics workspace. It is a query surface for exported data, not the place where the client app used for each sign-in is shown and filtered directly. (Once a workspace is populated, a query on the ClientAppUsed column of the SigninLogs table finds the same clients, but the question asks where to look first, and that is the Sign-ins blade.)

Option D is incorrect.

Azure Active Directory Usage & Insights reports on your most active applications and on sign-in success rates per application; it does not break sign-ins down by the client protocol that was used.

To know more about legacy authentication, please refer to the link below:

To block legacy authentication to Azure AD, you first need to determine whether any of your users have apps that use legacy authentication. Legacy authentication refers to older protocols (basic authentication as used by POP3, IMAP4, SMTP AUTH, Exchange ActiveSync and older Office clients) that send a username and password with every request and cannot be challenged for a second factor, so multi-factor authentication (MFA) never applies to them. That is also why attackers prefer these endpoints for password spraying.

To identify whether any of your users are using apps that use legacy authentication, look at the Azure Active Directory (Azure AD) Sign-ins logs. The Sign-ins logs record every authentication event in your Azure AD tenant, including the user who authenticated, the application they signed in to, the client app (protocol) that was used, and the authentication details such as whether MFA was satisfied.

To access the Sign-ins logs, follow these steps:

  1. Go to the Azure portal and sign in with an administrator account that can read sign-in logs (Global Reader or Security Reader is enough).
  2. Navigate to the Azure Active Directory service.
  3. In the left-hand navigation pane, under Monitoring, click "Sign-ins."
  4. In the Sign-ins blade, you can filter the logs by various criteria, such as date range, user, status, and application.
  5. Add the "Client app" column and filter it to the legacy authentication clients (Authenticated SMTP, Autodiscover, Exchange ActiveSync, Exchange Online PowerShell, Exchange Web Services, IMAP4, MAPI over HTTP, Offline Address Book, Other clients, Outlook Anywhere (RPC over HTTP), POP3, Reporting Web Services), and set Status to Success.
  6. Record the users, source IPs and applications returned; these are the clients that will stop working when legacy authentication is blocked, so they need to be moved to modern authentication (or replaced) first.
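The same triage can be done offline on a JSON export of the Sign-ins blade. The script below is an added example, not code from the page or from Microsoft: it classifies each record by the clientAppUsed field, reports successful legacy sign-ins per user, client and target application (the users who will break when you block), and separately lists failed legacy attempts, which are worth reviewing for password spraying. The sample export embedded in it is constructed and the field names are the ones a sign-in log JSON export uses; the contoso.example users and addresses are placeholders.

```python
import json
from collections import Counter

# Values of the sign-in log "Client app" column (clientAppUsed in a JSON export).
# The modern set is short and closed; everything else is a legacy protocol that
# sends credentials directly and cannot be challenged for MFA.
MODERN_CLIENT_APPS = {"Browser", "Mobile Apps and Desktop clients"}
LEGACY_CLIENT_APPS = {
    "Authenticated SMTP", "Autodiscover", "Exchange ActiveSync",
    "Exchange Online PowerShell", "Exchange Web Services", "IMAP4",
    "MAPI Over HTTP", "Offline Address Book", "Other clients",
    "Outlook Anywhere (RPC over HTTP)", "POP3", "Reporting Web Services",
}

# Constructed sample records in the shape of a JSON export from the Sign-ins
# blade (only the fields used here); they are not real tenant data.
SAMPLE_EXPORT = """[
 {"createdDateTime": "2023-03-01T08:02:11Z", "userPrincipalName": "alice@contoso.example",
  "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "IMAP4",
  "ipAddress": "203.0.113.10", "status": {"errorCode": 0}},
 {"createdDateTime": "2023-03-01T08:15:40Z", "userPrincipalName": "alice@contoso.example",
  "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "IMAP4",
  "ipAddress": "203.0.113.10", "status": {"errorCode": 0}},
 {"createdDateTime": "2023-03-01T09:00:03Z", "userPrincipalName": "bob@contoso.example",
  "appDisplayName": "Office 365 SharePoint Online", "clientAppUsed": "Browser",
  "ipAddress": "198.51.100.7", "status": {"errorCode": 0}},
 {"createdDateTime": "2023-03-01T09:21:55Z", "userPrincipalName": "carol@contoso.example",
  "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "Exchange ActiveSync",
  "ipAddress": "198.51.100.22", "status": {"errorCode": 0}},
 {"createdDateTime": "2023-03-01T11:47:19Z", "userPrincipalName": "dave@contoso.example",
  "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "Authenticated SMTP",
  "ipAddress": "192.0.2.200", "status": {"errorCode": 50126}},
 {"createdDateTime": "2023-03-01T12:03:27Z", "userPrincipalName": "eve@contoso.example",
  "appDisplayName": "Microsoft Teams", "clientAppUsed": "Mobile Apps and Desktop clients",
  "ipAddress": "198.51.100.31", "status": {"errorCode": 0}},
 {"createdDateTime": "2023-03-01T13:30:00Z", "userPrincipalName": "frank@contoso.example",
  "appDisplayName": "Office 365 Exchange Online", "clientAppUsed": "Other clients",
  "ipAddress": "203.0.113.77", "status": {"errorCode": 0}}
]"""


def load_export(text):
    """Parse a JSON export of the Sign-ins blade into a list of records."""
    return json.loads(text)


def is_legacy(client_app_used):
    """Anything outside the two modern client types is treated as legacy, so a
    new or unexpected value is flagged rather than silently allowed."""
    return client_app_used not in MODERN_CLIENT_APPS


def legacy_signins(records, successful_only=True):
    """Records that used a legacy client. By default only successful sign-ins
    are kept (the portal filter Status = Success): those are the users and apps
    that will break once the protocols are blocked."""
    selected = []
    for rec in records:
        if not is_legacy(rec.get("clientAppUsed", "")):
            continue
        if successful_only and rec.get("status", {}).get("errorCode", 0) != 0:
            continue
        selected.append(rec)
    return selected


def legacy_usage_by_user(records):
    """Counter keyed by (user, client app, target app) over successful legacy sign-ins."""
    usage = Counter()
    for rec in legacy_signins(records):
        usage[(rec["userPrincipalName"], rec["clientAppUsed"], rec["appDisplayName"])] += 1
    return usage


def failed_legacy_attempts(records):
    """Failed legacy sign-ins keyed by (user, client app, error code, source IP);
    basic-auth endpoints are the usual target of password spraying."""
    attempts = Counter()
    for rec in legacy_signins(records, successful_only=False):
        code = rec.get("status", {}).get("errorCode", 0)
        if code != 0:
            attempts[(rec["userPrincipalName"], rec["clientAppUsed"], code, rec.get("ipAddress"))] += 1
    return attempts


if __name__ == "__main__":
    records = load_export(SAMPLE_EXPORT)
    print("Successful legacy sign-ins (migrate these before you block):")
    for (user, client, app), n in sorted(legacy_usage_by_user(records).items()):
        print(f"  {user:<24} {client:<22} {app:<30} x{n}")
    print("Failed legacy attempts (review for credential attacks):")
    for (user, client, code, ip), n in sorted(failed_legacy_attempts(records).items()):
        print(f"  {user:<24} {client:<22} error {code} from {ip}  x{n}")
```

Run it against a real export by replacing SAMPLE_EXPORT with the file contents. The classifier deliberately defaults to "legacy" for any value it does not recognise as modern, so an export from a newer portal version with a renamed client app shows up in the report instead of disappearing from it.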

Once you have identified the apps and users that still rely on legacy authentication and moved them to modern authentication, you can block these protocols with an Azure AD Conditional Access policy. Conditional Access policies restrict access to Azure AD resources based on criteria such as the client app being used, the user's location, and the device or sign-in risk. For legacy authentication the policy targets all users (excluding your emergency-access accounts) and all cloud apps, sets the Client apps condition to Exchange ActiveSync clients and Other clients, and uses Block access as the grant control. Deploy it in report-only mode first and review the Report-only tab of the sign-in log for what would have been blocked, then switch the policy on. Two caveats: security defaults, if enabled, already block legacy authentication tenant-wide, and Microsoft began disabling Basic authentication in Exchange Online tenants in October 2022, so a Conditional Access policy is the way to block the remaining protocols selectively and to prove the control in your own logs.
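The policy described above, expressed as the request body for the Microsoft Graph endpoint POST https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies, together with a small report-only preview. This is an added example, not code from the page or from Microsoft; the evaluator is a deliberately minimal stand-in for the Conditional Access engine (it checks only user scope, client app type and the block control) and the user IDs, sign-ins and break-glass account are constructed placeholders.

```python
import json

# Constructed placeholder for the object ID of an emergency-access (break-glass)
# account; a real policy carries the real GUID. Exclude it so a mistake in the
# policy cannot lock every administrator out.
BREAK_GLASS_USER_ID = "00000000-0000-0000-0000-000000000001"

# conditionalAccessPolicy body. clientAppTypes exchangeActiveSync and other cover
# every legacy protocol; browser and mobileAppsAndDesktopClients are modern auth
# and are left untouched. The report-only state logs verdicts without enforcing.
BLOCK_LEGACY_AUTH_POLICY = {
    "displayName": "Block legacy authentication",
    "state": "enabledForReportingButNotEnforced",
    "conditions": {
        "users": {"includeUsers": ["All"], "excludeUsers": [BREAK_GLASS_USER_ID]},
        "applications": {"includeApplications": ["All"]},
        "clientAppTypes": ["exchangeActiveSync", "other"],
    },
    "grantControls": {"operator": "OR", "builtInControls": ["block"]},
}


def client_app_type(client_app_used):
    """Map the sign-in log's Client app text to the policy's clientAppTypes value."""
    if client_app_used == "Browser":
        return "browser"
    if client_app_used == "Mobile Apps and Desktop clients":
        return "mobileAppsAndDesktopClients"
    if client_app_used == "Exchange ActiveSync":
        return "exchangeActiveSync"
    return "other"  # IMAP4, POP3, Authenticated SMTP, EWS, Other clients, ...


def would_block(policy, signin):
    """Hypothetical minimal evaluator (not the Azure AD engine): user scope,
    client app type and grant control only. Enough to preview what the
    report-only policy would record for a given sign-in."""
    users = policy["conditions"]["users"]
    uid = signin["userId"]
    if uid in users.get("excludeUsers", []):
        return False
    if "All" not in users.get("includeUsers", []) and uid not in users.get("includeUsers", []):
        return False
    if client_app_type(signin["clientAppUsed"]) not in policy["conditions"]["clientAppTypes"]:
        return False
    return "block" in policy["grantControls"]["builtInControls"]


def report_only_preview(policy, signins):
    """(user, client app, verdict) per sign-in. A 'would block' verdict in
    report-only mode becomes 'blocked' once state is switched to 'enabled'."""
    enforced = policy["state"] == "enabled"
    rows = []
    for s in signins:
        hit = would_block(policy, s)
        label = ("blocked" if enforced else "would block") if hit else "allowed"
        rows.append((s["userPrincipalName"], s["clientAppUsed"], label))
    return rows


# Constructed sample sign-ins (not real tenant data).
SAMPLE_SIGNINS = [
    {"userId": "11111111-1111-1111-1111-111111111111",
     "userPrincipalName": "alice@contoso.example", "clientAppUsed": "IMAP4"},
    {"userId": "22222222-2222-2222-2222-222222222222",
     "userPrincipalName": "bob@contoso.example", "clientAppUsed": "Browser"},
    {"userId": "33333333-3333-3333-3333-333333333333",
     "userPrincipalName": "carol@contoso.example", "clientAppUsed": "Exchange ActiveSync"},
    {"userId": BREAK_GLASS_USER_ID,
     "userPrincipalName": "breakglass@contoso.example", "clientAppUsed": "IMAP4"},
]

if __name__ == "__main__":
    print(json.dumps(BLOCK_LEGACY_AUTH_POLICY, indent=2))
    for user, client, label in report_only_preview(BLOCK_LEGACY_AUTH_POLICY, SAMPLE_SIGNINS):
        print(f"{user:<28} {client:<22} {label}")
```

The preview shows the two checks worth confirming before enforcement: modern-auth sign-ins (Browser) are untouched, and the break-glass exclusion works. The exclusion is there so you cannot lock yourself out; it is not a licence for that account to use IMAP4, so also make sure the break-glass account never appears in the legacy sign-in report.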