Phishing Resistance — Microsoft Azure Security Engineer (AZ-500) Practice Questions

Phishing-resistant authentication methods are designed so that credentials cannot be intercepted or replayed by an attacker who tricks a user into visiting a malicious site, unlike traditional passwords or push-notification MFA. On the AZ-500 exam, this concept relates to deploying methods such as FIDO2 security keys, Windows Hello for Business, and certificate-based authentication, which bind the credential to a specific origin and device. Security engineers should understand which authentication methods meet phishing-resistance requirements and when to mandate them for privileged or high-risk accounts.

Free questions on phishing resistance