You have a Microsoft 365 subscription.
You enable auditing for the subscription.
You plan to provide a user named Auditor with the ability to review audit logs.
You add Auditor to the Global administrator role group.
Several days later, you discover that Auditor disabled auditing.
You remove Auditor from the Global administrator role group and enable auditing.
You need to modify Auditor to meet the following requirements:
✑ Be prevented from disabling auditing
✑ Use the principle of least privilege
✑ Be able to review the audit log
To which role group should you add Auditor?
A . Security reader
B . Compliance administrator
C . Security operator
D . Security administrator
Answer: C
Explanation:
Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center
Leave a Reply