Microsoft 365 Security Administration — Question 94

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that contains a user named User1.
The Azure Active Directory (Azure AD) Identity Protection risky users report identifies User1.
For User1, you select Confirm user compromised.
User1 can still sign in.
You need to prevent User1 from signing in. The solution must minimize the impact on users at a lower risk level.
Solution: You configure the sign-in risk policy to block access when the sign-in risk level is high.
Does this meet the goal?

Answer options

• A. Yes
• B. No

Correct answer: B

Explanation

The proposed solution does not meet the goal, as it only blocks access based on high-risk sign-ins and does not address the already confirmed compromised status of User1. Since User1 has been confirmed compromised, immediate action is required to block their sign-in, rather than relying on a risk policy that may not impact them directly.