Microsoft Security, Compliance, and Identity Fundamentals — Question 73

When security defaults are enabled for an Azure Active Directory (Azure AD) tenant, which two requirements are enforced? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

Answer options

• A. All users must authenticate from a registered device.
• B. Administrators must always use Azure Multi-Factor Authentication (MFA).
• C. Azure Multi-Factor Authentication (MFA) registration is required for all users.
• D. All users must authenticate by using passwordless sign-in.
• E. All users must authenticate by using Windows Hello.

Correct answer: B, C

Explanation

The correct answers are B and C because security defaults mandate that administrators use Azure Multi-Factor Authentication (MFA) and require MFA registration for all users to enhance security. Options A, D, and E are not enforced under security defaults, as they do not reflect the specific requirements established by Azure AD.