Hi Omar Tsai,
Thank you for posting your query on Microsoft Q&A!
If the Sign-in matches the Assignments (User, Target resources, Conditions) then both Access Controls (Grant & Session) will apply.
It would not be possible to bypass the Session controls by providing MFA, even if user has an existing MFA token the session controls will still apply.
Do let me know if this helps or if you have any further queries.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Kind Regards,
Donal