Question

You are the network administrator of a company. The Microsoft 365 tenant contains sensitive information. Employees must verify their identities when they sign into Microsoft 365 by providing information in addition to their Azure AD password. You need to select the tools that employees can use to verify their identities. Which two tools should you select?

a) Microsoft Authenticator
b) SMS verification code
c) Security Questions
d) Biometric authentication

Answer 1

The tools to select for employee identity verification in Microsoft 365 are Microsoft Authenticator and SMS verification code, both of which add a second layer of security beyond the Azure AD password.

Step-by-step explanation:

The student is seeking assistance with selecting tools for identity verification for employees signing into Microsoft 365, a scenario commonly addressed in network administration and cybersecurity courses at the college level. The two-factor authentication methods suitable for this purpose would be:

• Microsoft Authenticator
• SMS verification code

Both options add a second layer of security by requiring an additional form of identification beyond the Azure AD password. Microsoft Authenticator is an app-based verification method that provides a time-sensitive code or a prompt to approve a sign-in. SMS verification code is a text message that delivers a one-time numerical code to the user's registered mobile phone. In practice, Biometric authentication is also a secure method of verifying identity, but it depends on whether the devices used by the employees have the required hardware and if the company's systems are set up to support biometric verification. Security Questions, although previously used, are not considered a strong form of authentication and are generally not recommended due to their susceptibility to being guessed or obtained through social engineering.