MS-900 Exam QuestionsBrowse all questions from this exam
Go to Exam

MS-900 Exam - Question 212

Your company purchases Microsoft 365 E3 and Azure AD P2 licenses.

You need to provide identity protection against login attempts by unauthorized users.

What should you implement?

Show Answer
Correct Answer: A

To provide identity protection against login attempts by unauthorized users with Microsoft 365 E3 and Azure AD P2 licenses, you should implement Azure AD Identity Protection. This solution offers comprehensive tools to detect, investigate, and remediate identity-based risks, ensuring that unauthorized access attempts are identified and mitigated effectively.

Discussion

4 comments
Sign in to comment
RichNZ
Oct 2, 2022

Answer is in the question itself

AnyoYoan
Nov 7, 2022

Exact same thought xD

syu31svc
Dec 15, 2022

https://www.microsoft.com/en-sg/security/business/identity-access-management/identity-protection: "Azure Active Directory (Azure AD) Identity Protection helps keep you informed of suspicious user and sign-in behavior in your environment" A for sure

ingenierodiaz79Option: A
Aug 23, 2024

https://www.microsoft.com/en-sg/security/business/identity-access-management/identity-protection

AntonioTechOption: A
Apr 17, 2025

The correct answer is A. Azure AD Identity Protection. Here's why: Azure AD Identity Protection is a cloud-based security service that uses machine learning and behavioral analytics to detect, prevent, and remediate identity-based risks. It specifically addresses login attempts by unauthorized users by: Detecting risky sign-ins: Identifying suspicious login patterns, unusual locations, unfamiliar devices, and potential brute-force attacks.   Detecting risky users: Identifying user accounts that might be compromised based on detected risky sign-in behavior.   Providing risk-based Conditional Access policies: Allowing you to enforce stronger authentication requirements (like multi-factor authentication) or block access based on the assessed risk level of a sign-in attempt.   Offering risk remediation actions: Enabling automated or manual responses to detected risks, such as requiring password resets or blocking compromised accounts.