What is one requirement enforced when security defaults are enabled in Azure AD?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

When security defaults are enabled in Azure Active Directory (AD), one key requirement is that administrators must utilize Azure Multi-Factor Authentication (MFA). This is implemented to enhance security by requiring an additional verification method beyond just a username and password. Azure MFA can help protect against unauthorized access, especially for privileged accounts, by ensuring that even if a password is compromised, an attacker would still need the second factor for authentication.

The implementation of this requirement is part of a broader strategy to improve overall security posture, as relying solely on a password can expose organizations to various threats like phishing and credential stuffing attacks. Since administrators have access to sensitive data and critical resources, enforcing MFA for these accounts is a sound security practice to safeguard against potential breaches.

This approach complements other security measures but does not imply other methods like passwordless authentication or regular password changes are mandated under security defaults. Instead, security defaults focus specifically on enforcing MFA for administrative accounts as a baseline level of security.

More Multiple Choice Questions