Implement authentication and access management Questions
Practice questions for Implement authentication and access management topic in Microsoft Certified: Identity and Access Administrator Associate. 54 questions covering this domain.
An administrator suspects a user's refresh tokens have been stolen and wants to force the user to sign in again immediately. What should the administr...
A help desk team needs a temporary, limited-lifetime credential to onboard a user into passwordless authentication. Which method should be used?
A finance application has a particularly sensitive approval function that should trigger stronger authentication than the rest of the app. Which Condi...
The security team wants to nudge users to register stronger MFA methods during sign-in over time. Which feature should they configure?
A user's account is disabled, and the company wants connected apps to recognize the access change as quickly as supported instead of waiting for long ...
A security team wants to test a new Conditional Access policy and see its effect without blocking sign-ins yet. Which mode should they use?
A company wants to block passwords that contain internal product names and other organization-specific weak terms. Which Microsoft Entra feature shoul...
Which Microsoft Entra feature lets users reset their own passwords without calling the help desk?
A security architect wants Conditional Access to protect the act of activating a privileged role in PIM. Which feature should be used?
A company is rolling out Global Secure Access and specifically wants optimized and secured traffic handling for Microsoft 365 apps. Which capability b...
Which Microsoft Entra capability is used to detect and investigate risky users and risky sign-ins?
Remote employees need secure access to private on-premises applications through Global Secure Access. Which capability should be deployed?
Which authentication method is phishing-resistant and commonly uses security keys or platform credentials?
Which Microsoft Entra feature evaluates user, device, app, and risk signals and then applies grant or session controls?
Which Microsoft Entra page is used to enable, disable, and target specific authentication methods (such as Authenticator, FIDO2, or SMS) to users and ...
An organization wants to mark its corporate egress IP ranges as "trusted" so Conditional Access can apply different rules from those locations. Which ...
After repeated bad password attempts, Microsoft Entra should temporarily lock the account to slow brute-force attacks while still allowing legitimate ...
An organization uses Global Secure Access Internet Access and wants Conditional Access to recognize traffic coming through GSA as "compliant network."...
Which Microsoft Authenticator feature requires the user to type a number shown on the sign-in screen into the app to approve sign-in, mitigating MFA f...
An admin must block authentication methods that don't support modern auth (e.g., legacy POP/IMAP/SMTP). Which Conditional Access condition targets the...
Sign in to see all 54 questions
Create a free account to browse all questions — completely free during our launch phase.