An organization deployed a new rule that should request an extra verification step if a person signs in from an unfamiliar region or outside regular work hours. Employees traveling abroad report that they are not prompted for any additional confirmation. Which factor best explains why the new controls are not applying to those individuals?
A firewall rule has disabled region signals needed to trigger extra sign-in steps
The scope is limited to a small test group, and the travelers are not assigned to it
Devices have expired certificates that prevent location-based checks
Advanced prompts only apply to specific mobile applications
Digital certificates do not directly affect time or area-based requirements, and firewall settings do not typically override these rules. Checking advanced prompts for mobile apps alone would not account for desktop or other platforms. The policy's scope, however, often limits who is prompted for extra verification. In this scenario, the traveling employees are not included in the test population, so they do not see the additional steps.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to limit the scope of a security policy?
Open an interactive chat with Bash
How do digital certificates affect security policies?
Open an interactive chat with Bash
Why are advanced prompts not limited to mobile applications?