🔥 3-day streak
Microsoft Identity and Access Administrator24 / 126
Question 24 of 126

Your organization has deployed FIDO2 security keys and Microsoft Authenticator passwordless sign-in to all administrators. Security policy now requires that members of the Global Administrator and Security Administrator roles can only complete sign-in using phishing-resistant methods, while all other users may continue to satisfy MFA with any registered method. You need to enforce this using Conditional Access with the least administrative effort. What should you configure?

Reviewed for accuracy · Report an issueNext question