Microsoft Azure Architect Design (legacy) — Question 22
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains several administrative user accounts.
You need to recommend a solution to identify which administrative user accounts have NOT signed in during the previous 30 days.
Which service should you include in the recommendation?
Answer options
- A. Azure AD Identity Protection
- B. Azure Activity Log
- C. Azure Advisor
- D. Azure AD Privileged Identity Management (PIM)
Correct answer: D
Explanation
The correct answer is D, Azure AD Privileged Identity Management (PIM), as it allows for monitoring and managing privileged accounts, including sign-in activities. The other options do not specifically focus on tracking sign-in activity of administrative accounts over a specific time frame, which is crucial for this requirement.