Microsoft 365 Administrator — Question 274

Your company has offices in Seattle and Denver.

You have a Microsoft 365 subscription.

You plan to create a Conditional Access policy named Policy1 that will enforce multifactor authentication (MFA).

You need to ensure that users at the Seattle office are excluded from MFA. Users at the Denver office must always be prompted for MFA.

What should you configure for Policy1?

Answer options

• A. a named location that has IP ranges location set to the Seattle office
• B. Authentication strengths
• C. a named location that has Countries location set to United States
• D. VPN connectivity from the Seattle office

Correct answer: A

Explanation

The correct answer is A because configuring a named location with the IP ranges of the Seattle office allows you to exclude those users from MFA requirements. Option B, Authentication strengths, does not specifically address location-based exclusions. Option C is too broad as it only includes the entire United States and does not specifically exclude Seattle. Option D, VPN connectivity, does not relate to the Conditional Access policy setup for MFA exclusions.