Get a detailed understanding of user risk policies in Microsoft Entra. Learn how group assignments and risk levels affect password change requirements.
Table of Contents
Question
You have a Microsoft Entra tenant that contains the users shown in the following table.
| Name | Member of |
|---|---|
| User1 | Group1 |
| User2 | Group2 |
| User3 | Group1, Group2 |
You have a user risk policy that has the following settings:
- Assignments:
- Include: Group1
- Exclude: Group2
- Sign-in risk: Medium and above
- Access controls:
- Grant access: Require password change
When the users attempt to sign in, user risk levels are detected as shown in the following table.
| User | Risk level |
|---|---|
| User1 | High |
| User2 | Medium |
| User3 | High |
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Statements:
- User1 must change their password during sign in.
- User2 must change their password during sign in.
- User3 must change their password during sign in.
Answer
- User1 must change their password during sign in: Yes
- User2 must change their password during sign in: No
- User3 must change their password during sign in: No
Explanation
The user risk policy applies to users who are members of Group1 and excludes users who are members of Group2. The policy requires a password change for sign-in risks that are medium and above.
Given the user risk levels:
- User1 is a member of Group1 and has a high risk level. Therefore, User1 must change their password during sign in. (Yes)
- User2 is a member of Group2 and has a medium risk level. However, the policy excludes Group2, so User2 does not need to change their password during sign in. (No)
- User3 is a member of both Group1 and Group2 and has a high risk level. Despite the high risk level, the policy excludes Group2 members, which User3 is a part of. Therefore, User3 does not need to change their password during sign in. (No)
Microsoft SC-300 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft SC-300 exam and earn Microsoft SC-300 certification.