Microsoft 365 Security Administration — Question 71

You have a Microsoft 365 E5 subscription.
You need to ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use multi-factor authentication (MFA) to request the permissions.
What should you use to achieve the goal?

Answer options

• A. Microsoft 365 Compliance permissions
• B. Microsoft Azure Active Directory (Azure AD) Privileged Identity Management
• C. Microsoft Azure AD group management
• D. Microsoft 365 user management

Correct answer: B

Explanation

The correct answer is B, Microsoft Azure Active Directory (Azure AD) Privileged Identity Management, as it allows for the management of temporary permissions and enforces MFA for privileged roles. The other options do not provide the necessary capability to enforce time-limited access or require MFA for role activation.