A threat actor used OAuth application consent phishing to gain persistent access to a Microsoft 365 tenant. Which remediation step revokes the attacker's delegated permissions?
-
A
Remove the malicious OAuth app's enterprise application and revoke its granted permissions in Microsoft Entra ID
-
B
Reset the global administrator password
-
C
Disable legacy authentication protocols
-
D
Enable Microsoft Defender for Cloud Apps