Final answer:
To enforce Azure Multi-Factor Authentication (MFA) based on a condition, use Azure AD Conditional Access. This service allows customizable conditions for requiring MFA, enhancing security while maintaining user productivity.
Step-by-step explanation:
To enforce Azure Multi-Factor Authentication (MFA) based on a condition, the Azure service you should use is b) Azure AD Conditional Access. This service allows you to define certain conditions under which users or groups are required to perform multi-factor authentication. For instance, you might set up a policy that requires MFA when users attempt to access certain applications, when they are not on the premises, or when they are accessing services from a device that is not compliant with corporate policies. Azure AD Conditional Access is a powerful tool for ensuring that MFA is applied intelligently and only when necessary, thereby enhancing security without unduly impairing user productivity.