Microsoft 365 Mobility and Security (legacy) — Question 73

Your network contains an on-premises Active Directory domain.
Your company has a security policy that prevents additional software from being installed on domain controllers.
You need to monitor a domain controller by using Microsoft Defender for Identity.
What should you do? More than one answer choice may achieve the goal. Choose the BEST answer.

Answer options

• A. Deploy a Microsoft Defender for identity sensor, and then configure port mirroring.
• B. Deploy a Microsoft Defender for identity sensor, and then configure detections.
• C. Deploy a Microsoft Defender for Identity standalone sensor, and then configure detections.
• D. Deploy a Microsoft Defender for Identity standalone sensor, and then configure port mirroring.

Correct answer: D

Explanation

The correct answer is D because deploying a standalone sensor allows monitoring without installing software on the domain controller, and configuring port mirroring enables traffic analysis. Options A and B involve a standard sensor, which cannot be installed due to the policy, and option C does not include port mirroring, which is necessary for effective monitoring.