Microsoft Security, Compliance, and Identity Fundamentals — Question 214

What should you use to ensure that the members of an Azure Active Directory group use multi-factor authentication (MFA) when they sign in?

Answer options

• A. Azure role-based access control (Azure RBAC)
• B. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
• C. Azure Active Directory (Azure AD) Identity Protection
• D. a conditional access policy

Correct answer: D

Explanation

A conditional access policy is specifically designed to enforce multi-factor authentication based on defined conditions. The other options, such as Azure RBAC and PIM, focus on managing roles and identities but do not directly enforce MFA requirements.