Microsoft Azure Fundamentals — Question 412

You have an Azure subscription and 100 Windows 10 devices.
You need to ensure that only users whose devices have the latest security patches installed can access Azure Active Directory (Azure AD)-integrated applications.
What should you implement?

Answer options

• A. a conditional access policy
• B. Azure Bastion
• C. Azure Firewall
• D. Azure Policy

Correct answer: A

Explanation

The correct answer is A, a conditional access policy, as it allows you to enforce access controls based on device compliance, including security updates. Azure Bastion (B) is for secure remote access to VMs, Azure Firewall (C) is a network security service, and Azure Policy (D) is for managing compliance at the resource level, none of which specifically address user access based on device patch status.