You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant

HOTSPOT

You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant.

The tenant contains a group named Group1 and the users shown in the following table:

The tenant has a conditional access policy that has the following configurations:

Name: Policy1

Assignments:

– Users and groups: Group1

– Cloud aps or actions: All cloud apps

✑ Access controls:

✑ Grant, require multi-factor authentication

✑ Enable policy: Report-only

You set Enabled Security defaults to Yes for the tenant.

For each of the following settings select Yes, if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

View Answer

Answer:

Explanation:

Report-only mode is a new Conditional Access policy state that allows administrators to evaluate the impact of Conditional Access policies before enabling them in their environment.

With the release of report-only mode:

✑ Conditional Access policies can be enabled in report-only mode.

✑ During sign-in, policies in report-only mode are evaluated but not enforced.

✑ Results are logged in the Conditional Access and Report-only tabs of the Sign-in log details.

✑ Customers with an Azure Monitor subscription can monitor the impact of their Conditional Access policies using the Conditional Access insights workbook.