Exam AB-900 Topic 2 Question 49 Discussion
Actual exam question for Microsoft's AB-900 exam
Question #: 49
Topic #: 2
Question #: 49
Topic #: 2
Your organization has a Microsoft 365 subscription.
You need to review the impact of a recent phishing incident that targeted email users.
What should you use?
You need to review the impact of a recent phishing incident that targeted email users.
What should you use?
Suggested Answer: A Vote an answer
The correct answer is A. the Microsoft Defender portal . Microsoft documents that phishing investigation and analysis for email threats is handled in Microsoft Defender for Office 365 through the Microsoft Defender portal . Microsoft's phishing investigation guidance and email security reporting both point admins to Defender capabilities such as Threat Explorer , campaign views , and phish reports to understand the scope, affected users, and impact of phishing attacks.
The other options are not the primary investigation tool for this scenario. The Microsoft 365 admin center is mainly for tenant administration and usage reporting, not detailed phishing impact investigation. The Microsoft Entra admin center focuses on identity and access management, not email threat analysis. The Exchange admin center manages mail flow and Exchange settings, but Microsoft's current phishing investigation workflows are centered in the Microsoft Defender portal , where security analysts can review detections, remediation actions, and affected recipients.
So, to review the impact of a phishing incident that targeted email users, the Microsoft-documented choice is the Microsoft Defender portal .
The other options are not the primary investigation tool for this scenario. The Microsoft 365 admin center is mainly for tenant administration and usage reporting, not detailed phishing impact investigation. The Microsoft Entra admin center focuses on identity and access management, not email threat analysis. The Exchange admin center manages mail flow and Exchange settings, but Microsoft's current phishing investigation workflows are centered in the Microsoft Defender portal , where security analysts can review detections, remediation actions, and affected recipients.
So, to review the impact of a phishing incident that targeted email users, the Microsoft-documented choice is the Microsoft Defender portal .
by Jay at May 01, 2026, 12:13 PM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).