Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.
A user named User1 is a member of a dynamic group named Group1.
User1 reports that he cannot access documents shared to Group1.
You discover that User1 is no longer a member of Group1.
You suspect that an administrator made a change that caused User1 to be removed from Group1.
You need to identify which administrator made the change.
Which audit log activity should you search in the Security & Compliance admin center?
A . Azure AD group administration activities C Removed member from group
B . User administration activities C Updated user
C . Azure AD group administration activities C Updated group
Answer: C