You are the Office 365 administrator for your company. The company uses Active Directory Federation Services (AD FS) to provide single sign-on to cloud-based
services. You enable multi-factor authentication.
Users must NOT be required to use multi-factor authentication when they sign in from the company’s main office location. However, users must be required to verify
their identity with a password and token when they access resources from remote locations.
You need to configure the environment.
What should you do?
A.
Disable AD FS multi-factor authentication.
B.
Configure an IP blacklist for the main office location.
C.
Disable the AD FS proxy.
D.
Configure an IP whitelist for the main office location.
Explanation:
https://msdn.microsoft.com/en-us/library/azure/dn807156.aspx
The Trusted IPs allows users to bypass Azure Multi-Factor Authentication for website requests originating from specific IP addresses or subnets. For example, you
may want to exempt users from Azure Multi-Factor Authentication while logging in from the office. For this, you would specify the office subnet as an Trusted IPs
entry. To configure Trusted IPs use the following procedure: bla bla bla :))