Note the following rules on MFA. More details are here: concept-conditional-access-policies
All assignments are logically ANDed. If you've more than one assignment configured, all assignments must be satisfied to trigger a policy.
Multiple Conditional Access policies may apply to an individual user at any time. In this case, all policies that apply must be satisfied. For example, if one policy requires multi-factor authentication (MFA) and another requires a compliant device, you must complete MFA, and use a compliant device.
----------
--please don't forget to upvote
and Accept as answer
if the reply is helpful--