You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains several administrative user accounts.
You need to recommend a solution to identify which administrative user accounts have NOT signed in during the previous 30 days.
Which service should you include in the recommendation?
Click on the arrows to vote for the correct answer
A. B. C. D.A
The recommended solution for identifying administrative user accounts that have not signed in during the previous 30 days in an Azure AD tenant is Azure AD Identity Protection.
Azure AD Identity Protection is a cloud-based security service that uses machine learning and data analysis to identify potential security threats to your organization. It provides insight into risk events and user behaviors, and offers recommendations for remediation actions.
Azure AD Identity Protection includes a feature called "Risky users", which allows you to identify users who have performed risky actions, such as using leaked credentials or signing in from a risky IP address. This feature can also be used to identify users who have not signed in for a specified period of time.
To use this feature, you need to create a policy in Azure AD Identity Protection that defines the criteria for identifying risky users. In this case, you would create a policy that identifies users who have not signed in for the previous 30 days.
Once the policy is in place, you can view the list of risky users in the Azure AD Identity Protection portal. This list will include the administrative user accounts that have not signed in during the previous 30 days.
In contrast, Azure AD Privileged Identity Management (PIM) is a service that allows you to manage, control, and monitor access to resources in your organization. While it can be used to identify inactive privileged accounts, it is primarily focused on managing privileged access to resources.
Azure Advisor is a service that provides personalized recommendations to optimize your Azure resources for high availability, security, performance, and cost. It is not designed to identify inactive user accounts.
Azure Activity Log is a service that provides a log of all operations that were performed in your Azure subscription. It can be used to monitor user activity and resource changes, but it does not provide insight into user sign-ins.