Question 10 of 13

Your organization has a Microsoft 365 tenant and you've already created a Microsoft Defender Safe Attachments policy. You've configured the policy to quarantine malware.

Some users have complained that they go to check their quarantine but the emails are already deleted.

Your manager has asked you to change the retention duration for the attachments that end up in quarantine. He needs you to extend the amount of time the emails will be in quarantine.

Which threat management policy should you update from the Microsoft Defender admin center?

In the anti-spam policies > Anti-spam inbound policy (default). The actions section will tell Microsoft 365 what to do when it finds a message that's spam, phishing, or bulk email. For example, you may want the email to go to the user's junk email folder or you may want the email to go to the quarantine. The actions section is where you'll find the retain spam in quarantine for this many days setting.

https://www.gitbit.org/course/ms-500/learn/Protect-your-email-environment-from-malicious-actors-6HUOr7qbL