Learn how to configure Conditional Access policies to enforce multi-factor authentication (MFA) and hybrid Microsoft Entra device join for Azure VPN Gateway (GW1) to ensure secure access.
Table of Contents
Question
You have an Azure subscription that contains an Azure VPN gateway named GW1. GW1 provides Point-to-Site (P2S) VPN connectivity.
You need to ensure that all users connecting to GW1 meet the following requirements:
Connect by using a hybrid Microsoft Entra joined device.
Use multi-factor authentication (MFA).
What should you do?
A. Configure a Conditional Access policy.
B. Deploy Active Directory Certificate Services (AD CS) and install a computer certificate on each device.
C. Deploy Microsoft Entra Domain Services.
D. Configure a Microsoft Entra authentication method policy
Answer
A. Configure a Conditional Access policy.
Explanation
Conditional Access is the only option for enforcing access based on multiple conditions, such as MFA and hybrid join. Microsoft Entra DS is not correct. Certificates cannot meet the MFA requirement, since MFA server does not know whether the devices were hybrid joined.
Designing and Implementing Microsoft Azure Networking Solutions AZ-700 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Designing and Implementing Microsoft Azure Networking Solutions AZ-700 exam and earn Designing and Implementing Microsoft Azure Networking Solutions AZ-700 certification.