Microsoft Azure Administrator Certification Transition (legacy) — Question 11

You have an Azure Active Directory (Azure AD) tenant.
All administrators must enter a verification code to access the Azure portal.
You need to ensure that the administrators can access the Azure portal only from your on-premises network.
What should you configure?

Answer options

• A. the multi-factor authentication service settings
• B. an Azure AD Identity Protection user risk policy
• C. the default for all the roles in Azure AD Privileged Identity Management
• D. an Azure AD Identity Protection sign-in risk policy

Correct answer: A

Explanation

Configuring the multi-factor authentication service settings allows you to enforce access conditions based on network location, ensuring that administrators can only access the Azure portal from the specified on-premises network. The other options focus on user risk and sign-in risk assessments, which do not specifically restrict access to a particular network.