What should you do?

You have a Microsoft 365 E5 subscription.

A user reports that changes were made to several files in Microsoft OneDrive.

You need to identify which files were modified by which users in the user’s OneDrive.

What should you do?
A . From the Azure Active Directory admin center, open the audit log
B . From the OneDrive admin center, select Device access
C . From Security & Compliance, perform an eDiscovery search
D . From Microsoft Cloud App Security, open the activity log

View Answer

Answer: D

Explanation:

Reference: https://docs.microsoft.com/en-us/cloud-app-security/activity-filters