Microsoft 365 Administrator — Question 332

You have a Microsoft 365 ES subscription.

On Monday, you create a new user named User1.

On Tuesday, User1 signs in for the first time and perform the following actions:

• Signs in to Microsoft Exchange Online from an anonymous IP address.
• Signs in to Microsoft SharePoint Online from a device in New York City.
• Establishes Remote Desktop connections to hosts in Berlin and Hong Kong, and then signs in to SharePoint Online from the Remote Desktop connections.

Which types of sign-in risks will Azure AD Identity Protection detect for User1?

Answer options

• A. anonymous IP address and atypical travel only
• B. anonymous IP address only
• C. unfamiliar sign-in properties and atypical travel only
• D. anonymous IP address and unfamiliar sign-in properties only
• E. anonymous IP address, atypical travel, and unfamiliar sign-in properties

Correct answer: B

Explanation

The correct answer is B because Azure AD Identity Protection detects sign-ins from anonymous IP addresses but does not classify the remote desktop connections as atypical travel since they are not direct sign-ins. The other options include risks that are not applicable based on User1's sign-in behavior.