Notifications
Clear all
Topic starter
You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. The tenant includes a user named User1
You enable Azure AD Identity Protection.
You need to ensure that User1 can review the list in Azure AD Identity Protection of users nagged for risk. The solution must use the principle of least privilege.
To which role should you add User1?
- A . Security reader
B. Compliance administrator
C. Reports reader
D. Global administrator
Suggested Answer: A
Explanation:
The risky sign-ins reports are available to users in the following roles:
✑ Security Administrator
✑ Global Administrator
✑ Security Reader
Of the three roles listed above, the Security Reader role has the least privilege.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risky-sign-ins
Explanation:
The risky sign-ins reports are available to users in the following roles:
✑ Security Administrator
✑ Global Administrator
✑ Security Reader
Of the three roles listed above, the Security Reader role has the least privilege.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-risky-sign-ins
Posted : 31/01/2023 1:13 am