🔥 3-day streak
Microsoft Azure Solutions Architect Expert58 / 187
Question 58 of 187
A financial services company has detected several incidents where attackers exfiltrated session tokens from compromised endpoints and replayed them from unmanaged devices to access Microsoft 365. Users authenticate with phishing-resistant MFA, but the stolen tokens bypass the MFA requirement because the session is already established. The security architect must recommend a Conditional Access capability that cryptographically binds the issued session token to the specific device, so a replayed token from a different device is rejected. Which capability should be recommended?
Reviewed for accuracy · Report an issueNext question