Question
When should you use Conditional Access vs. MFA?
Click to reveal answer
Answer
Conditional Access provides context-aware policies (location, device, risk). MFA is one of the grant controls within conditional access. Always prefer conditional access for flexibility.
Click to flip back
All Identity & Governance Flashcards
Q: When should you use Conditional Access vs. MFA?
A: Conditional Access provides context-aware policies (location, device, risk). MFA is one of the grant controls within conditional access. Always prefer conditional access for flexibility.
Q: What is the difference between Azure Policy and RBAC?
A: Azure Policy enforces what properties resources can have (compliance). RBAC controls who can perform actions on resources (access).
Q: When should you use PIM?
A: Privileged Identity Management provides just-in-time access for admin roles, reducing standing privileges. Use when you need approval workflows, time-limited access, or audit trails for elevated permissions.
Q: How do management groups help governance?
A: They create a hierarchy above subscriptions for applying policies and RBAC at scale. Up to 6 levels deep. Policies inherit downward.
Q: What is a landing zone?
A: A pre-configured, compliant subscription environment with networking, identity, governance, and security already set up. Part of Cloud Adoption Framework.