Skip to main content

๐Ÿ’ผ 1.2 Conditional Access

Descriptionโ€‹

For most Azure tenants, and certainly for organizations with a significant use of Microsoft Entra ID, Conditional Access policies are recommended and preferred. To use conditional access policies, a licensing plan is required, and Security Defaults must be disabled.

Conditional Access requires one of the following plans:

  • Microsoft Entra ID P1 or P2
  • Microsoft 365 Business Premium
  • Microsoft 365 E3 or E5
  • Microsoft 365 F1, F3, F5 Security and F5 Security + Compliance
  • Enterprise Mobility & Security E3 or E5

Similarโ€‹

  • Internal
    • ID: dec-b-e20df6bf

Sub Sectionsโ€‹

SectionSub SectionsInternal RulesPoliciesFlags
๐Ÿ’ผ 1.2.1 Ensure Trusted Locations Are Defined - Level 1 (Manual)1
๐Ÿ’ผ 1.2.2 Ensure that an exclusionary Geographic Access Policy is considered - Level 1 (Manual)1
๐Ÿ’ผ 1.2.3 Ensure that A Multi-factor Authentication Policy Exists for Administrative Groups - Level 1 (Manual)1
๐Ÿ’ผ 1.2.4 Ensure that A Multi-factor Authentication Policy Exists for All Users - Level 1 (Manual)1
๐Ÿ’ผ 1.2.5 Ensure Multi-factor Authentication is Required for Risky Sign-ins - Level 1 (Manual)1
๐Ÿ’ผ 1.2.6 Ensure Multifactor Authentication is Required for Windows Azure Service Management API - Level 1 (Manual)1
๐Ÿ’ผ 1.2.7 Ensure Multifactor Authentication is Required to access Microsoft Admin Portals - Level 1 (Manual)1