You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. The tenant includes a user named User1. You enable Azure AD Identity Protection. You need to ensure that User1 can review the list in Azure AD Identity Protection of users flagged for risk. The solution must use the principle of least privilege. To which role should you add User1? A. Compliance administrator B. Global administrator C. Owner D. Security administrator  Suggested Answer: D Either one of the following three roles can review the list in Azure AD Identity Protection of users flagged for risk: ✑ Security Administrator ✑ Global Administrator ✑ Security Reader Using the principle of least privilege, we should add User1 to the Security Administrator role. Note: There are several versions of this question in the exam. The question has three possible correct answers: 1. Security Reader 2. Security Administrator Global Administrator - Other incorrect answer options you may see on the exam include the following: 1. Service Administrator. 2. Reports Reader 3. User Administrator Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risky-sign-ins https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risky-sign-ins This question is in MS-100 Exam For getting Microsoft 365 Administrator Expert Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer