GitBit
BlogFirst lesson
Sign Up

Question 1

Your organization has a Microsoft 365 tenant. Your organization has a user named John Gruber. Several users have full access to John Gruber's mailbox.

A few emails that were sent to John Gruber have been read and deleted before John Gruber viewed them.

You've been asked to see who accessed and deleted the emails. You search the audit log in the Microsoft Defender admin center to see who read and deleted the emails but the audit logs are blank. So your manager has asked you to configure the audit logs so your can view who accessed the mailbox in the future.

What Exchange PowerShell commands do you need to run to verify you can see the audit logs in the future?