AZ-900: Microsoft Entra Conditional Access

Microsoft Entra Conditional Access enables organizations to implement powerful, automated access control decisions based on conditions. It helps balance productivity with security by allowing or denying access based on user, location, device, and risk signals.

Example Scenarios

• A user accessing email from a company laptop at the office doesn’t need MFA.
• The same user accessing SharePoint from a coffee shop is prompted for MFA.
• A login attempt from a suspicious location is blocked entirely.

Planning Tools and Requirements

• The “What If” tool in Entra ID helps you simulate policy effects before enforcing them.
• You need a Microsoft Entra Premium P1 or P2 license or a Microsoft 365 Business Premium subscription to use Conditional Access features.
• Conditional Access can be used in combination with Passwordless authentication methods like Windows Hello or FIDO2.

Integration with Other Azure Features

• Use alongside Microsoft Entra ID for full identity protection.
• Applies when inviting external users or configuring guest access.
• Complements tools like Azure MFA, RBAC, and SSO.

---

Want to dive deeper into Microsoft Entra ID, security, and Conditional Access?

Check out my full AZ-900 video course where I explain these topics clearly—with real examples, diagrams, and quizzes to help you pass the exam and feel confident using Azure professionally.

Want more? Get hands-on in our AZ-900 video course – or click here to go back to the AZ-900 list of requirements.

Please click here to find out more about Microsoft’s AZ-900 exam.