Microsoft Security Operations Analyst — Question 4

You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements and resolve the reported problem.
Which policy should you modify?

Answer options

• A. Activity from suspicious IP addresses
• B. Activity from anonymous IP addresses
• C. Impossible travel
• D. Risky sign-in

Correct answer: C

Explanation

The correct answer is C, 'Impossible travel', as modifying this policy can help identify and mitigate issues regarding users who appear to be logging in from geographically distant locations in an unrealistic time frame. The other options, while relevant to security, do not specifically address the anomaly detection related to travel patterns.