A manufacturing company wants to eliminate passwords for their factory floor workers who access shared kiosks. The workers do not have corporate mobile phones.

You need to recommend a passwordless authentication method that is highly secure, phishing-resistant, and does not require a mobile device.

Which TWO authentication methods meet these requirements? (Select TWO)

Answer options:

Microsoft Authenticator app

FIDO2 security keys

SMS-based authentication

Windows Hello for Business

OATH hardware tokens

How to approach this question

Filter out options that require a mobile phone, then select the true passwordless, phishing-resistant methods.

Full Answer

Microsoft Entra ID supports three primary passwordless authentication methods: Windows Hello for Business, Microsoft Authenticator, and FIDO2 security keys. Since the workers do not have mobile phones, Microsoft Authenticator is excluded. FIDO2 security keys (like YubiKeys) and Windows Hello for Business (using biometrics/PIN on the kiosk) are both highly secure, phishing-resistant, and do not require a mobile device.

Common mistakes

Selecting Microsoft Authenticator out of habit, ignoring the constraint that workers do not have mobile phones.

Question 07 All questions Question 09

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 2

55 questions · hints · full answers · grading

More questions from this exam

Q01Fabrikam Inc. is a global financial services company with 200 Azure subscriptions managed via a c...Hard Q02A healthcare organization has 500 on-premises Windows Server VMs and 300 Azure VMs. They are impl...Hard Q03You are designing a security monitoring solution using Microsoft Sentinel. The compliance depar...Easy Q04Your company has a microservices application deployed across multiple Azure App Service instances...Medium Q05A defense contractor is migrating to Microsoft 365 and Azure. They have a strict security policy ...Hard

View all 55 questions →