🔥 3-day streak
Microsoft Cybersecurity Architect Expert98 / 158
Question 98 of 158

A financial services company must comply with a regulation requiring that all mailbox access events, including which specific mail items were read, be retained for one year to support forensic investigation of potential insider data theft. The security architect discovers that with the current Microsoft 365 E3 licensing, investigators can see that a user signed in but cannot determine which individual emails were accessed, and audit logs are only retained for 90 days. Which change should the architect recommend to meet the requirement with the least custom engineering?

Reviewed for accuracy · Report an issueNext question