Verify Two-Factor Authentication Prompt in Office 365 | Microsoft 365 Security Administration Exam

Where to Verify Two-Factor Authentication Prompt in Office 365

Prev Question Next Question

Question

You have set up a conditional access policy enforcing MFA for all users in your organization for all cloud apps.

You now want to verify that users are being prompted with two-factor authentication when logging in to Office 365

Where should you look?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: D

The sign-ins report provides you with information about the usage of managed applications and user sign-in activities, which includes information about multi-factor authentication (MFA) usage.

The MFA data gives you insights into how MFA is working in your organization.

Home > Conditional Access «>» Conditional Access | Named locations ‘Azure Active Directory « ++ Countries location | ++ 1P ranges location Configure MFA trusted IPs Policies © insights and reporting Named locations are used by Azure AD security reports to reduce false positives and % Diagnose and solve problems Location type : All types Trusted type : All types Manage [2 search names “> Named locations Name @ Custom controls (Preview) No named locations found. &% Terms of use VEN connectivity
Click or tap Enable application proxy. Y Enable application proxy’ + Configure an app © APPlication proxy provides single sign-on (SSO) and secure remote access for web applications hosted on-premises. Learn more about Application Proxy

Option A is incorrect.

Azure AAD Audit lets you view information about changes applied to your tenant such as users and group management or updates applied to your tenant's resources.

Sign-in details are not found here.

Option B is incorrect.

This report is related to access packages.

It enables you to list all the access packages a user can request, and view the access packages that are currently assigned to the user.

Option C is incorrect.

The Multi-Factor fraud alert feature lets users report fraudulent attempts to access their resources.

It is therefore not the right answer.

Reference:

To know more about Sign-in logs in Azure AAD, please refer to the link below:

The correct answer is D. From the Azure Active Directory admin center, view the Sign-ins.

Explanation: Conditional Access is a feature of Azure Active Directory that enables administrators to apply access controls to cloud applications based on specific conditions. One of the most common conditions that organizations enforce is multi-factor authentication (MFA) for all users accessing cloud applications. In this scenario, a conditional access policy has been set up to enforce MFA for all users in the organization for all cloud apps.

To verify that users are being prompted with two-factor authentication when logging in to Office 365, an administrator should look at the Sign-ins logs in the Azure Active Directory admin center. This will show a list of all sign-in attempts made by users and whether or not they were prompted for MFA.

To view the Sign-ins logs in the Azure Active Directory admin center, follow these steps:

  1. Go to the Azure Active Directory admin center (https://aad.portal.azure.com/).
  2. Click on "Sign-ins" under "Monitoring" in the left-hand navigation menu.
  3. The Sign-ins page displays all sign-in activities for the last 30 days. You can customize the view by selecting a specific time range, user, or application.

The Sign-ins logs will show whether or not MFA was enforced during the sign-in attempt. If MFA was enforced, it will show as "MFA required" in the "Status" column. If MFA was not enforced, it will show as "Success" or "Failure" in the "Status" column.

Therefore, option D, "From the Azure Active Directory admin center, view the Sign-ins," is the correct answer to this question.

Prev Question Next Question