🔥 3-day streak
Microsoft Cybersecurity Architect Expert11 / 158
Question 11 of 158

A financial services company uses Entra ID for workforce identity. The security architect must design an access policy that meets three requirements: (1) when a user's sign-in is scored high risk during an active session, access must be re-evaluated and revoked without waiting for token expiry; (2) tokens must be bound to the device that requested them so a stolen refresh token cannot be replayed from another device; and (3) users flagged as high user-risk must be forced to securely reset their password before regaining access. Which combination of Entra capabilities should the architect specify?

Reviewed for accuracy · Report an issueNext question