You have an Azure Active Directory (Azure AD) tenant that uses conditional access policies.
You plan to use third-party security information and event management (SIEM) to analyze conditional access usage.
You need to download the Azure AD log by using the administrative portal.
The log file must contain changes to conditional access policies.
What should you export from Azure AD?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-audit-logsTo download the Azure AD log containing changes to conditional access policies, you need to export the audit logs in CSV format. Audit logs provide a detailed record of activities and events that occur within your Azure AD tenant, including changes to conditional access policies.
Here's how you can export audit logs in CSV format:
Log in to the Azure portal with your administrator account.
Navigate to Azure Active Directory > Monitoring > Audit logs.
In the Audit logs pane, select the time range for which you want to export the logs.
Click on Export data in the top menu.
In the Export data pane, select the following settings:
Click on Export to download the CSV file containing the audit logs.
It's worth noting that sign-ins in CSV or JSON format do not contain information about changes to conditional access policies. Sign-in logs record sign-in activities for users in your Azure AD tenant, such as successful or failed sign-ins, but do not include information about changes to policies. Therefore, options B and D are not correct.
Similarly, while audit logs are available in both JSON and CSV format, the question specifies that the logs should be downloaded in CSV format. Therefore, option C is not the correct answer.