Microsoft 365 Administrator — Question 375

You have a Microsoft 365 E5 subscription.

You create a Conditional Access policy that blocks access to an app named App1 when users trigger a high-risk sign-in event.

You need to reduce false positives for impossible travel when the users sign in from the corporate network.

What should you configure?

Answer options

• A. exclusion groups
• B. multi-factor authentication (MFA)
• C. named locations
• D. user risk policies

Correct answer: C

Explanation

Configuring named locations allows you to designate specific IP ranges, such as those from your corporate network, thereby reducing false positives for impossible travel events. The other options do not directly address the issue of false positives related to geographic sign-ins, as exclusion groups and user risk policies serve different purposes and MFA adds an additional security layer rather than resolving the false positive issue.