Microsoft Identity and Access Administrator — Question 59
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Linux.
You need to configure enhanced security for VM1. The solution must meet the following requirements:
• Ensure that users can sign in to VM1 by using their Microsoft Entra credentials.
• Ensure that users authenticate by using multi-factor out-of-band.
• Prevent users from signing in to VM1 by using passwords.
Which two authentication methods can you include in the solution? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Answer options
- A. the Microsoft Authenticator app
- B. FIDO2 security keys
- C. Temporary Access Pass
- D. SMS
- E. Windows Hello for Business
Correct answer: A, B
Explanation
The Microsoft Authenticator app and FIDO2 security keys are both capable of supporting passwordless authentication and multi-factor out-of-band verification, making them suitable for the requirements. The other options, such as SMS and Temporary Access Pass, do not fully satisfy the requirement to prevent password usage for signing in.