Configuring Multi-Factor Authentication Flashcards
How can you access MFA settings in the Azure Portal?
By browsing to Azure Active Directory, and then to MFA.
What are some configuration options available in MFA settings?
Account lockout, block and unblock users, and other key configuration options.`
What does the account lockout setting do?
Temporarily locks out accounts in the MFA service if too many denied authentication attempts are detected.
What is the purpose of the block/unblock settings?
o manually prevent certain users on an on-prem MFA Server from receiving MFA requests.
What is the fraud alert feature used for?
Configuring settings related to users’ ability to report fraudulent verification requests from an on-prem MFA server.
What does the caching rules feature do?
Allows subsequent verification requests to succeed automatically if the user succeeds the first verification.
What can you view in the server status settings?
The status of on-prem MFA servers, including version, status, IP, and last communication time and date.
Where can you find the activity report?
Under “Manage MFA Server” for on-prem MFA Server implementations.
How many authentication methods are required by default for SSPR?
One authentication method is required by default.
How can you require users to register when they sign in for SSPR?
On the Registration page, select the option to require users to register when they sign in.
What is the self-service password reset URL?
The self-service password reset URL is https://aka.ms/sspr/.
How can you disable self-service password reset?
In the Azure AD portal, go to Password Reset, select none under self-service password reset enabled, and save the settings.
What type of sign-ins are displayed in the sign-ins report?
The sign-ins report displays interactive sign-ins where users have manually signed in using their username and password.
What information is shown in the default list view of the sign-ins report?
The default list view shows the sign-in date, related user, application signed into, sign-in status, conditional access status, and MFA requirements status.
How can you customize the view of the sign-ins report?
By clicking on “Columns” at the top, you can customize the view of the sign-ins report.
What information is displayed in the Basic Info tab of a specific sign-in?
The Basic Info tab shows user information, IP address of the sign-in, sign-in location, sign-in date, and client app used for the sign-in.