Microsoft 365 Administrator — Question 221

You have a Microsoft 365 E5 subscription.

You need to be alerted when Microsoft Defender XDR detects high-severity incidents.

What should you use?

Answer options

• A. a custom detection rule
• B. a threat policy
• C. a notification rule

Correct answer: C

Explanation

The correct answer is C, as notification rules are specifically designed to alert users about incidents based on their severity. Options A and B do not directly provide alert mechanisms for incidents, but rather focus on detection and management without the specific alerting functionality needed for high-severity incidents.