🔥 3-day streak
Microsoft 365 Administrator45 / 119
Question 45 of 119
At Contoso, several user mailboxes were recently compromised and attackers created inbox rules that automatically forwarded mail to external addresses. The security team wants to be notified automatically whenever Defender for Office 365 detects that a user has set up suspicious external email forwarding, without writing custom KQL. What should you configure in the Microsoft Defender portal?
Reviewed for accuracy · Report an issueNext question