SC-300 Question #236: Real Exam Question with Answer & Explanation

Question

You have a Microsoft 365 tenant. All users have mobile phones and Windows 10 laptops. The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users connect their laptops to a wired network that has internet access. You plan to implement multi-factor authentication (MFA). Which MFA authentication method can the users use from the remote location?

Options

• ASMS
• BWindows Hello for Business
• Cvoice
• Da notification through the Microsoft Authenticator app

Explanation

Windows Hello for Business (Option B) is correct because it is a device-based authentication method that uses biometrics (fingerprint, facial recognition) or a PIN stored locally on the laptop - requiring no mobile phone, cellular signal, or Wi-Fi to function. It works entirely offline through the laptop itself, making it the only viable MFA option when users are at remote locations without mobile connectivity.

Why the distractors are wrong:

• A (SMS) requires a cellular/mobile network signal to receive text messages, which the users don't have at the remote location.
• C (Voice) similarly requires either a mobile phone signal or phone line to receive an automated call, which is unavailable.
• D (Microsoft Authenticator notification) requires an internet or data connection on the mobile phone to push notifications - but the users have no Wi-Fi or mobile connectivity on their phones.

Memory Tip: Think of Windows Hello for Business as the "self-contained" MFA method - everything it needs lives on the laptop itself. If a question mentions users have no phone signal and no Wi-Fi on their phones, immediately look for a device-bound authentication method like Windows Hello for Business as your answer.

No community discussion yet for this question.