Conditional Access
- CA-DV01: Require compliant or hybrid Azure AD joined device for admins
- CA-DV02: Block access for unknown or unsupported device platform
- CA-DV03: No persistent browser session
- CA-DV04: Require approved client apps and app protection
- CA-DV05: Require compliant or hybrid Azure AD joined device or multi-factor authentication for all users
- CA-DV06: Use application enforced restrictions for unmanaged devices
- CA-SD01: Require multi-factor authentication for admins
- CA-SD02: Block legacy authentication
- CA-SD03: Require multi-factor authentication for all users
- CA-SD04: Require multi-factor authentication for Azure management
- CA-ID01: Securing security info registration
- CA-ID02: Require multi-factor authentication for guest access
- CA-ID03-P2: Require multi-factor authentication for risky sign-ins
- CA-ID04-P2: Require password change for high-risk users