A threat actor used OAuth application consent phishing to gain persistent access to a Microsoft 365 tenant.Which remediation step revokes the attacker's delegated permissions?