GitBit
First lessonBlog
Sign Up

Question 7 of 17

Previous QuestionNext Question

You have a Microsoft 365 tenant with Microsoft 365 E5 licenses. The tenant contains the following users.

User role chart

You've been tasked with implementing Azure Active Directory (Azure AD) Identity Protection.

Before you can implement it your manager has asked you which users can perform the following actions:

  • Configure a user risk policy.
  • View the risky users' report.

Which users can perform the tasks listed below?

Can update any user risk policy

Can review any user risk reports

User 1 is a global admin so they can perform any action on the user risk policy.

Compliance administrators don't have access to the user risk / risky users area so User 2 can't perform anything.

Security administrators can manage user risk policies so User 3 can perform both actions.

Security Readers can view the user risk reports but can't make changes so User 4 can view but not update.

https://www.gitbit.org/course/ms-500/learn/Creating-and-managing-admins-through-roles-7CpqFkPZU

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection

Did you like the site?