How to set-up Conditional Access policy?

In the Azure portal, select Conditional Access from the Security settings after opening your Active Directory Tenant. The following are the steps to follow:

• As a Global Administrator, Security Administrator, or Conditional Access Administrator, log in to the Microsoft Entra admin center.
• Navigate to Conditional Access, Identity, Protection, and finally Protection.

• To establish a policy, select New policy under the Conditional Access settings.
• Give a name to your policy.We advise organizations to develop a significant standard for the policy names.
• Select Users and groups under Assignments.
• Click Include and choose All users.

• Select Users and groups under Exclude.

• Choose All cloud apps under Include under Cloud apps or actions.

• Next, Location under Conditions.
• Configure should be set to Yes.
• Click Include and choose Any location.

• Select Selected location under Exclude(Choose the location you want to block the access from).

• Select the option. Choose Block Access under Access controls, then click Select.
• Confirm your configuration and turn on the Enable policy.To create a Conditional Access Policy, select create.

• And you created a conditional access policy for blocking access to a location!(Remember it’s oneof the common policies discussed above!).

Microsoft Azure is Microsoft’s primary cloud offering. The Microsoft cloud lives within Microsoft Azure, which is a combination of ultra-redundant data centers located all over the world that offer storage, power, cooling, and all the necessary infrastructure to host cloud servers. So, Microsoft Azure provides X as a service solution. So what does it mean? It means it offers software as a service, platform as a service, infrastructure as a service, and directory as a service. Essentially, everything is a service. A platform-as-a-service solution is essentially a platform that is there, managed by the provider, and you are using that platform to manage your solutions on top of it. Infrastructure as a Service allows you to build a network on top of an underlying solution. For example, building out virtual machines, virtual networks, and so on. Software as a Service is completely managed software by a provider that you just plug into.

Azure AD, or Microsoft Entra ID, is an identity provider that can authenticate security principals. So a security principal is really what we are using when we are authenticating to anything that is an identity provider, in this case, Microsoft Entra ID.