In this task, you will configure a sign-in risk policy.
On the Identity Protection | User risk policy blade, in the Protect section, click Sign-in risk policy
Configure the Sign-in risk remediation policy with the following settings:
Click Users; on the Include tab of the Users blade, ensure that the All users option is selected.
Click Sign-in risk; on the Sign-in risk blade, select Medium and above, click **Select, and then click Done.
Click Access; on the Access blade, ensure that the Allow access option and the Require multi-factor authentication checkbox are selected and click Done.
Set Enforce Policy to On and click Save.