You are an Office 365 administrator for your company. You enable mailbox auditing for all user mailboxes.
You receive reports that someone is accessing another user’s mailbox without authorization.
You need to identify which account was used to access the mailbox in Microsoft Exchange Online.
What should you run?
A.
the PowerShell cmdletSearch-AdminAuditLog
B.
the PowerShell cmdletNew-AdminAuditLogSearch
C.
the non-owners’ mailbox access report
D.
the mailbox content search and hold report
Explanation:
https://technet.microsoft.com/en-us/library/jj150575(v=exchg.160).aspx
correct