Common signals that Conditional Access can take in to account when making a policy decision include the following signals:
* User or group membership
* Policies can be targeted to specific users and groups giving administrators fine-grained control over access.
* IP Location information
* Organizations can create trusted IP address ranges that can be used when making policy decisions.
* Administrators can specify entire countries/regions IP ranges to block or allow traffic from.
* Device
* Users with devices of specific platforms or marked with a specific state can be used when enforcing Conditional Access policies.
* Use filters for devices to target policies to specific devices like privileged access workstations.
* Application
* Users attempting to access specific applications can trigger different Conditional Access policies.
* Real-time and calculated risk detection
* Signals integration with Azure AD Identity Protection allows Conditional Access policies to identify risky sign-in behavior. Policies can then force users to change their password, do multi-factor authentication to reduce their risk level, or block access until an administrator takes manual action.
* Microsoft Defender for Cloud Apps
* Enables user application access and sessions to be monitored and controlled in real time, increasing visibility and control over access to and activities done within your cloud environment.
