Which tasks can be performed by Azure Active Directory (Azure AD) Identity Protection? Select all that apply.

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Azure Active Directory (Azure AD) Identity Protection is specifically designed to help organizations manage and mitigate risks associated with user identities. One of its primary features is the automation of identifying and responding to identity-based risks. This capability allows organizations to detect and remediate potential threats automatically, such as suspicious sign-in attempts or compromised accounts, thereby enhancing the security posture without requiring extensive manual intervention.

Additionally, Azure AD Identity Protection provides tools to assist organizations in monitoring and investigating risks related to user authentication. Investigating authentication risks is crucial for understanding the nature and impact of potential security threats. Through risk detection, organizations can better protect their resources by understanding what types of risky behaviors or conditions exist.

While Azure AD Identity Protection does offer automation and investigatory capabilities, it does not include functionalities such as configuring external access for partner organizations or exporting risk detection data to third-party utilities, which are outside its primary focus on identity and access management security. This highlights the importance of recognizing the specific functions and strengths of Azure AD Identity Protection within the broader Azure ecosystem.