You have an Azure Active Directory (Azure AD) tenant named contoso.com that has Azure AD Identity Protection policies enforced.
You create an Azure Sentinel instance and configure the Azure Active Directory connector.
You need to ensure that Azure Sentinel can generate incidents based on the risk alerts raised by Azure AD Identity Protection.
What should you do first?
- Add an Azure Sentinel data connector.
- Configure the Notify settings in Azure AD Identity Protection.
- Create an Azure Sentinel playbook.
- Modify the Diagnostics settings in Azure AD.