Correct Answer:
Explanation/Reference:
Box 1: Create a multi-factor authentication provider with the Per Enabled User usage model.
Box 2: Enable multi-factor authentication for all useraccounts.
Box 3: Instruct users to use a mobile phone to complete the registration process.
Adding Multi-Factor Authentication to Azure Active Directory (for Office 365 users)
Step 1: First we create the usage model of the MFA provider. We should use PerEnabled User which is used for Office 365.
Note:
. Per Authentication – purchasing model that charges per authentication. Typically used for scenarios that use the Azure Multi-Factor Authentication in an application.
. Per Enabled User – purchasing modelthat charges per enabled user. Typically used for scenarios such as Office 365.
Step 2: Enable Multi-Factor Authentication for all your user accounts. You need to enable multi-factor authentication on your Office 365 users.
Step 3: Have a user sign-in and complete the registration process.
The users can usetheir mobile phones to complete the auto-enrollment process.
Details: After being enrolled for multi-factor authentication, the next time a user signs in, they see a message asking them to set up theirsecond authentication factor. Using the enrollment process the users will be able to specify your preferred method of verification.
The following methods exist: Mobile Phone Call, Mobile Phone Text Message, Office Phone Call, or Mobile App.
IncorrectAnswers:
The users do not use a single-use password to complete the registration. Instead they can use their mobile phone. This is one of the two notification modes of Azure Multi-Factor Authentication.
The Per Authentication provider model is not used forOffice 365.
References: http://technet.microsoft.com/library/dn249466.aspx
https://msdn.microsoft.com/library/azure/dn376346.aspx#create
