Security defaults should be enabled in Microsoft Entra ID

azure-active-directory
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Security defaults in Microsoft Entra ID provide preconfigured protections against common identity attacks. When enabled, all users must register for multifactor authentication (MFA), administrators must perform MFA at every sign-in, and legacy authentication protocols are blocked. These protections are available to all tenants at no additional cost.

Organizations that use Conditional Access policies may disable security defaults intentionally, because Conditional Access supersedes them. However, this rule still reports a failure because it cannot verify the presence of equivalent Conditional Access policies from this resource alone.

Remediation

Enable security defaults in the Microsoft Entra admin center under Identity > Overview > Properties > Manage security defaults. For guidance, see Microsoft Entra security defaults.