Skip to content
hands-on lab

Using Conditional Access Policies to Enable Microsoft Entra ID Multi-Factor Authentication

Beginner
Up to 1h 15m
541
3.9/5
This lab is currently under maintenance. You can start the lab, but some instructions and screenshots may be inaccurate. We are actively working to resolve this issue and we apologize for any inconvenience.

Microsoft has currently disabled new registrations for the MS 365 Dev program. For the time being, please treat the lab as read-only or bring your own MS 365 account. Our team is currently working on an update, thank you for your understanding.

Start lab
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab description

Conditional access is a modern security mechanism that emphasizes identity as a security layer. It brings together signals from various sources such as the device a user attempts authentication from or the location from which they're attempting to authenticate and uses these signals to make a decision and enforce a policy. Microsoft Entra ID Conditional Access policies are simple if-then statements that work to verify every attempt at authentication.

In this lab, you will set up and test a conditional access policy to trigger a multi-factor authentication request.

Note: Due to this lab requiring the creation of a Microsoft 365 organization with an Admin Center, if you don't already have one you will need to provide a mobile phone number to pass the account creation process.

Learning Objectives

Upon completion of this lab, you will be able to:

  • Create a custom conditional access policy in Microsoft Entra ID
  • Test against target users whether the policy works

Intended Audience

  • Candidates studying for the SC-900 (Microsoft Security, Compliance, and Identity Fundamentals) Certification exam

Prerequisites

  • Familiarity with Microsoft Entra ID is recommended, but not necessary
Environment before
Environment after
About the author
Avatar
Adil Islam, opens in a new tab
Cloud Labs Developer
Students
7,804
Labs
39
Learning paths
1

Adil is a Microsoft Certified Trainer, former Azure Engineer, and loves all things Azure. He is a certified Azure Administrator and Azure DevOps Expert and has worked for some of the biggest MSPs in the world (Cognizant, New Signature, CoreAzure). He loves to combine his two passions: cloud and teaching.

Adil specializes in Azure Infrastructure services and has a curiosity for new, in-preview services from Azure, getting his hands familiar with the content before most of the world does. Outside of work, Adil helps run a growing community of IT professionals looking to break into the cloud and regularly runs workshops and webinars.

Covered topics
Identity and Access Management
Security
Microsoft Azure
Security for Azure
Microsoft Entra ID
Lab steps
Setting Up A Microsoft 365 Developer Account
Creating a Conditional Access Policy
Testing Conditional Access Policy to Trigger Multi-Factor Authentication Prompt