You have a Microsoft 365 tenant named that has the following users:

Chart showing User1 and User2 with their group memberships

You create an Azure AD Identity Protection sign-in risk policy.

You've assigned the policy to GroupA and excluded GroupB.

You've set the sign-in risk condition to low and above.

You've set the access control to Allow access, require MFA.

You need to understand how the policy will affect your users.

What will happen when one of the users signs in from an anonymous IP address?

User1 will be

User2 will be

User1 is excluded from the policy because excluding GroupB takes precedence over the inclusion of GroupA.

User2 is blocked from signing in because the MFA status for the user is Disabled. Once User2 configures their MFA, they'll be able to log in with MFA.

