You are the Office 365 administrator for your company. The company uses Active Directory Federation Services (AD FS) to pr
ovide single sign-on to cloud-based services. You enable multi-factor authentication.
Users must NOT be required to use multi-factor authentication when they sign in from the companys main office location. However, users must be required to verify their
identity with a password and token when they access resources from remote locations.
You need to configure the environment.
What should you do?
A. Disable AD FS multi-factor authentication.
B. Configure an IP blacklist for the main office location.
C. D
isable the AD FS proxy.
D. Configure an IP whitelist for the main office location.
Explanation:
With ADFS you now get the option to whitelist an IP for multi-factor authentication (MFA).
For example, if you enable multi- factor authentication. U
sers must NOT be required to use multi-factor authentication when they sign in from the companys main office location. However, users must be required to verify their identity with a password and token when they access resources from remote locations.
Re
ferences:
https://msdn.microsoft.com/en-us/library/azure/dn807156.aspx