Risk-Based Authentication — Microsoft Azure Security Engineer (AZ-500) Practice Questions
Risk-based authentication in Azure AD uses Microsoft Entra ID Protection to evaluate real-time and aggregate signals, such as unfamiliar sign-in locations or leaked credentials, and assigns a risk level to each sign-in or user account. The AZ-500 exam covers how to configure risk policies that automatically block sign-ins, require MFA step-up, or force password resets when risk thresholds are exceeded. Candidates must understand the difference between sign-in risk and user risk, and how to integrate these policies with Conditional Access.
Free questions on risk-based authentication
You are implementing multi-factor authentication in your organization. Some users are complaining about the complexity. What should you do to balance security and usability?
Free question · medium · full answer + explanation
More risk-based authentication questions in the full bank
- A user with high sign-in risk should be required to change their password. How do you enforce this? Unlock answer & explanation →