You purchase an Azure subscription that is associated to a basic Azure Active Directory (Azure AD) tenant.
You need to receive an email notification when any user activates an administrative role.
What should you do?
A . Purchase Enterprise Mobility + Security E3 and configure conditional access policies
B . Purchase Azure AD Premium P2 and configure Azure AD Privileged Identity Management
C . Purchase Enterprise Mobility + Security E5 and create a custom alert rule in Azure Security Center
D . Purchase Azure AD Premium P1 and enable Azure AD Identity Protection
Answer: B
Explanation:
When key events occur in Azure AD Privileged Identity Management (PIM), email notifications are sent. For example, PIM sends emails for the following events: When a privileged role activation is pending approval When a privileged role activation request is completed When a privileged role is activated When a privileged role is assigned When Azure AD PIM is enabled
References: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-emailnotifications