Your organization is designing a privileged access strategy using Microsoft Entra ID. Which TWO configurations should be part of the design to protect privileged accounts?
MFA adds a strong layer of security for privileged accounts.
Why this answer
Options A and C are correct. Option A: Conditional Access with MFA for admin roles reduces risk of credential theft. Option C: Privileged Identity Management (PIM) provides just-in-time access and approval workflows.
Option B is wrong because security defaults enforce MFA for all users but lack granularity for privileged roles. Option D is wrong because self-service password reset is not specific to privileged accounts and does not protect against misuse. Option E is wrong because disabling MFA would weaken security.