Microsoft 365 Administrator — Question 45

You have a Microsoft 365 E5 subscription.
Users access Microsoft 365 from both their laptop and a corporate Virtual Desktop Infrastructure (VDI) solution.
From Azure AD Identity Protection, you enable a sign-in risk policy.
Users report that when they use the VDI solution, they are regularly blocked when they attempt to access Microsoft 365.
What should you configure?

Answer options

• A. the Tenant restrictions settings in Azure AD
• B. a trusted location
• C. a Conditional Access policy exclusion
• D. the Microsoft 365 network connectivity settings

Correct answer: B

Explanation

Configuring a trusted location allows the VDI environment to be recognized as safe, preventing the sign-in risk policy from blocking users. The other options do not specifically address the need for acknowledging the VDI as a secure access point, which is crucial in this scenario.