Domain 1.2: Authentication and Authorization — AZ-305 Practice Question 08

How to approach this question

Filter out options that require a mobile phone, then select the true passwordless, phishing-resistant methods.

Full Answer

FIDO2 security keys, Windows Hello for Business

Microsoft Entra ID supports three primary passwordless authentication methods: Windows Hello for Business, Microsoft Authenticator, and FIDO2 security keys. Since the workers do not have mobile phones, Microsoft Authenticator is excluded. FIDO2 security keys (like YubiKeys) and Windows Hello for Business (using biometrics/PIN on the kiosk) are both highly secure, phishing-resistant, and do not require a mobile device.

Common mistakes

Selecting Microsoft Authenticator out of habit, ignoring the constraint that workers do not have mobile phones.

How to approach this question

Full Answer

Common mistakes

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 2

More questions from this exam