Azure AD Privileged Identity Management (PIM) Alert Configuration

Minimizing PIM Alerts for Administrator Password Changes

Question

You have an Azure subscription.

You enable Azure Active Directory (Azure AD) Privileged Identity Management (PIM).

Your company's security policy for administrator accounts has the following conditions:

-> The accounts must use multi-factor authentication (MFA).

-> The accounts must use 20-character complex passwords.

-> The passwords must be changed every 180 days.

-> The accounts must be managed by using PIM.

You receive multiple alerts about administrators who have not changed their password during the last 90 days.

You need to minimize the number of generated alerts.

Which PIM alert should you modify?

Answers

Explanations

A. B. C. D.

D

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-configure-security-alerts?tabs=new

Based on the scenario provided, the company's security policy requires the use of multi-factor authentication (MFA), 20-character complex passwords changed every 180 days, and management of administrator accounts through Azure AD Privileged Identity Management (PIM).

The issue described in the scenario is that multiple alerts have been received about administrators who have not changed their password during the last 90 days. This is likely because the PIM alerts are configured to notify when a password has not been changed within a specified timeframe.

To minimize the number of generated alerts, we need to modify the PIM alert that is triggering the notifications. The alert that should be modified is likely the one related to potential stale accounts in a privileged role, as this alert is triggered when an account has not been activated within a specified timeframe.

Because the company's security policy requires MFA and complex passwords that are changed every 180 days, it is unlikely that the administrators have stopped using their privileged roles. Therefore, modifying the alert related to inactive accounts in a privileged role would likely be the most appropriate course of action in this scenario.

The correct answer is D. Potential stale accounts in a privileged role.