Incidence Description: L2SOCMFA01

Setting up Multi factor authentication request.

Level 1 Ticket Source: CRIM- Unisys Alerts/ User Phone Call/ Email   
Support Level: Level 2   
 
Additional Information/Considerations:  
User Account naming nomenclature- 500 account- for contractor/ 100 account – for
permanent hire/  CST_underscore account – contract third party account 
 
How Do I
Follow These Steps: 
Resolve 
Review daily User must be registered for Multifactor Authentication and for setting up the
ticket list for MFA, follow below procedure:
Queue Set up your account 
Monitored – When setting up two-step verification, you'll see a screen that says Your admin has
Security_Glo required that you set up this account for additional security verification: 
bal_FLS 

 
 
To get started, select Set it up now. 
 Decide how you want to verify your sign-ins 
The first question in the enrollment process is how you want us to contact you. Take
a look at the options in the table, and use the links to go to the setup steps for each
method.  
Contact method  Description 
- Receive notifications for verification. This
option pushes a notification to the authenticator
app on your smartphone or tablet. View the
notification and, if it is legitimate,
select Authenticate in the app. Your work or
school may require that you enter a PIN before
you authenticate. 
- Use verification code. In this mode, the
authenticator app generates a verification code
that updates every 30 seconds. Enter the most
current verification code in the sign-in interface. 
Mobile app 
 
 
Mobile phone call or text  - Phone call places an automated voice call to the
phone number you provide. Answer the call and
press # in the phone keypad to authenticate. 
- Text message ends a text message containing a
verification code. Following the prompt in the
text, either reply to the text message or enter the
verification code provided into the sign-in
interface. 
Office Phone Call  Places an automated voice call to the phone
number you provide. Answer the call and presses
# in the phone keypad to authenticate. 
 
Use a mobile app as the contact method 
 
You don’t have to use the Microsoft Authenticator app. If you’re already using another
authenticator app, you can continue to use it. 

1. Select Mobile app from the drop-down list.  

 
2. Select either Receive notifications for verification or Use verification
code, then select Set up.   
3. On your phone or tablet, open the app and select + to add an
account. (On Android devices, select the three dots, then Add account.) 

4. Specify that you want to add a work or school account. The QR code
scanner on your phone opens. 
  
 
5. Scan the QR code picture that appeared with the screen for configuring the
mobile app. Select Done to close the QR code screen. 
6. When activation finishes on the phone, select Contact me. This step sends
either a notification or a verification code to your phone. Select Verify.
7. We recommend that you enter your mobile phone number in case you lose
access to your mobile app. Specify your country/region from the drop-down
list, and enter your mobile phone number in the box next to the
country/region name. Select Next. Click Done. 
 
Use your mobile phone as the contact method 
1. Select Authentication Phone from the drop-down list. 
2. Choose your country/region from the drop-down list, and enter
your mobile phone number. 
3. Select the method you would prefer to use with your mobile phone
- text or call. 
4. Select Contact me to verify your phone number. Depending on the
mode you selected, we send you a text or call you. Follow the instructions
provided on the screen, then select Verify.  
5. Click Done.   
Use your office phone as the contact method 
1. Select Office Phone from the drop-down 
2. The phone number box is automatically filled with your company
contact information. If the number is wrong or missing, ask your admin to
make changes. 
3. Select Contact me to verify your phone number, and we will call
your number. Follow the instructions provided on the screen, then
select Verify. 
4. Click Done. 
 After confirmation from user resolve the ticket. 
a. Open ticket Turn Ticket status to In Progress and save  
b. Then Click on Resolve.  
c. Fill the 4 fields listed below Resolution method/
Closure source/ Resolution/ Status reason 
Incidence Description: L2SOCMFA02
Updating Multi-Factor Method (New Phone # or Authentication Method)
Level 1 Ticket Source: CRIM- Unisys Alerts/ User Phone Call/ Email   
Support Level: Level 2   
 
Additional Information/Considerations:  
User Account naming nomenclature- 500 account- for contractor/ 100 account – for
permanent hire/  CST_underscore account – contract third party account 
 
How Do I Resolve  Follow These Steps: 
Review daily ticket If after registering a device a user wants to update the method or device
list for Queue they are using to complete their Multi-Factor challenge please do the below: 
Monitored – 1. Open https://aka.ms/mfasetup from a web browser to
Security_Global_FLS  allow user to update their own MFA preferences. 
2. After signing in you will see the below screen. Complete
required changes and then hit “Save” at the bottom of the
page. 

 After confirmation from user resolve the ticket. 

b. Open ticket Turn Ticket status to In Progress
and save 
c. Then Click on Resolve.  
d. Fill the 4 fields listed below Resolution
method/ Closure source/ Resolution/ Status
reason 
Incidence Description: L2SOCMFA03
 Add authentication methods for a specific user, including phone numbers used for MFA
 Require a user to re-register for MFA
 Revoke existing MFA sessions.

Level 1 Ticket Source: CRIM- Unisys Alerts/ User Phone Call/ Email   
Support Level: Level 2   
 
Additional Information/Considerations:  
User Account naming nomenclature- 500 account- for contractor/ 100 account – for
permanent hire/  CST_underscore account – contract third party account 
 
How Do I Resolve  Follow These Steps: 
Review daily ticket You can add authentication methods for a user via the Azure
list for Queue portal.
Monitored –
Security_Global_FLS  1. Sign into the Azure portal.
2. Browse to Azure Active Directory > Users > All users.
3. Choose the user for whom you wish to add an
authentication method and select Authentication
methods.
4. At the top of the window, select + Add authentication
method
5. When adding a phone number, select a phone type and
enter phone number with valid format (e.g. +1
4255551234).
6. Select Add.

After confirmation from user resolve the ticket. 

c. Open ticket Turn Ticket status to In Progress
and save 
d. Then Click on Resolve.  
e. Fill the 4 fields listed below Resolution
 method/ Closure source/ Resolution/ Status
reason 

Incidence Description: L2SOCMFA04

User account is blocked while signing into office 365 application.

Level 1 Ticket Source: CRIM- Unisys Alerts/ User Phone Call/ Email   
Support Level: Level 2   
 
Additional Information/Considerations:  
User Account naming nomenclature- 500 account- for contractor/ 100 account – for
permanent hire/  CST_underscore account – contract third party account 
 
How Do I Resolve  Follow These Steps: 
Review daily ticket The user risk policy blocks a user if the configured user risk level
list for Queue for blocking access has been reached. In this case follow the
Monitored – below steps.
Security_Global_FLS  1. Sign into the Azure portal as an administrator.
2. Browse to Azure Active Directory & Security.

3. MFA Server and Block/unblock users.

4. Select Unblock in the Action column next to the user to

unblock.
5. Enter a comment in the Reason for unblocking field.
 6. Select Unblock to finish unblocking the user.

After confirmation from user resolve the ticket. 

d. Open ticket Turn Ticket status to In Progress
and save 
e. Then Click on Resolve.  
f. Fill the 4 fields listed below Resolution
method/ Closure source/ Resolution/ Status
reason