Final answer:
Azure AD Identity Protection is required to use a sign-in risk condition in a Microsoft Entra conditional access policy, as it evaluates sign-in risk levels and informs access policies.
Step-by-step explanation:
To use a sign-in risk condition in a Microsoft Entra conditional access policy, your company must have access to Azure Active Directory (Azure AD) Identity Protection. Azure AD Identity Protection is a feature that utilizes machine learning and heuristic rules to detect potential vulnerabilities affecting your organization's identities and provides a consolidated view into risk events and potential vulnerabilities.
This service analyzes various signals to determine the sign-in risk level associated with each attempt to access your organization's resources. Based on this risk level, actions can be defined within a conditional access policy to either block access or require additional authentication steps, such as multi-factor authentication (MFA). So, the use of sign-in risk conditions is dependent on the functionalities provided by Azure AD Identity Protection.