Microsoft 365 Administrator — Question 310

You have a Microsoft 365 subscription that contains a Microsoft Entra tenant named contoso.com. The tenant includes a user named User1.

You plan to use Microsoft Entra ID Protection.

You need to ensure that User1 can review the list in Microsoft Entra ID Protection of users flagged for risk. The solution must use the principle of least privilege.

To which role should you add User1?

Answer options

• A. Compliance Administrator
• B. User Administrator
• C. Security Administrator
• D. Global Administrator

Correct answer: C

Explanation

The correct answer is C, Security Administrator, as this role allows the user to view risk reports in Microsoft Entra ID Protection while adhering to the principle of least privilege. The other roles, such as Compliance Administrator and Global Administrator, provide broader permissions that exceed the least privilege requirement, and User Administrator does not grant access to risk management features.