Your network contains an Active Directory Domain named contoso.com. The domain contains 10 servers hat run Windows Server 2016 and 800 client computers that run Windows 10.
You need to configure the domain to meet the following requirements:
Users must be locked out from their computer if they enter an incorrect password twice.
Users must only be able to unlock a locked account by using a one-time password that is sent to their mobile phone.
You deploy all the components of Microsoft Identity Manager (MIM) 2016
Which three actions should you perform before you deploy the MIM add-ins and extensions? Each correct answer presents part of the solution.
A. Deploy a Multi-Factor Authentication provider and copy the required certificates to the MIM server
B. From a Group Policy object (GPO), configure Public Key Policies.
C. From the MiM Portal, configure the Owner Approval Workflow.
D. Deploy a Multi-Factor Authentication provider and copy the required certificates to the client computers.
E. From the MIM Portal, configure the Password Reset AuthN Workflow.
F. From a Group Policy object (GPO), configure Security Settings.
given answer is correct .
-Users must be locked out from their computer if they enter an incorrect password twice. (E)
-Users must only be able to unlock a locked account by using a one-time password that is sent to their mobile phone. (B and C), detailed configuration process in the following web page.
https://docs.microsoft.com/en-us/microsoft-identity-manager/working-with-self-service-password-reset#prepare-mim-to-work-with-multi-factor-authentication
From your link it is still AEF, re read the article and closely look at screen shots.
https://docs.microsoft.com/en-us/microsoft-identity-manager/working-with-self-service-password-reset#prepare-mim-to-work-with-multi-factor-authentication
correct