Microsoft 365 Administrator — Question 102

You have a Microsoft 365 E5 subscription.

You need to ensure that administrators receive an email when Microsoft 365 Defender detects a sign-in from a risky IP address.

What should you create?

Answer options

• A. a vulnerability notification rule
• B. an alert
• C. an incident assignment filter
• D. an incident notification rule

Correct answer: B

Explanation

The correct answer is B, as creating an alert will directly notify the administrators when a sign-in from a risky IP address is detected. The other options do not specifically address the need for email notifications related to sign-in events, making them unsuitable for this requirement.