Examice

Exam MS-102 All QuestionsBrowse all questions from this exam

Question 240

You have a Microsoft 365 subscription that contains an Azure AD tenant named contoso.com. The tenant includes a user named User1.

You enable Azure AD Identity Protection.

You need to ensure that User1 can review the list in Azure AD Identity Protection of users flagged for risk. The solution must use the principle of least privilege.

To which role should you add User1?

Compliance Administrator

Security Reader

Reports Reader

User Administrator

Correct Answer: B

To ensure that User1 can review the list of users flagged for risk in Azure AD Identity Protection while adhering to the principle of least privilege, the role of Security Reader should be assigned. The Security Reader role has the necessary permissions to view security-related features, reports, and logs without the ability to make changes, aligning well with the requirement to review flagged users.

Discussion

Paul_whiteOption: B

SECURITY READER IS CORRECT!!!!

DiligentSam

https://www.examtopics.com/discussions/microsoft/view/49685-exam-ms-100-topic-3-question-29-discussion/

king001Option: B

Require Role: 1 Global Admin 2 Security Admin 3 Security Reader available choice and least privilege is Security Reader

Murad01Option: B

I think (Security Reader) is correct

scocla21Option: B

B is correct

BlastyOption: C

The Reports Reader is least privileged and is able to access the sign-in reports, including privileged properties.

Amir1909Option: B

B is correct