In the Domain Security Overview,Scopeis a configurable setting that allows administrators toswitch between Active Directory domains and Azure tenants. This capability is essential for organizations managing multiple identity environments, as it enables targeted risk assessment and comparison across different identity infrastructures.
The CCIS documentation explains that Scope determineswhich domain or tenant’s identity data is displayedin the Overview dashboard, including risk scores, trends, and prioritized remediation guidance. Changing the scope does not alter risk calculations; it simply refocuses the analysis on the selected identity environment.
Other options are incorrect because:
Privileged Identities represent a subset of users, not a switchable setting.
Domains are entities, not a dashboard control.
Goal changes how risks are evaluated, not which environment is displayed.
By allowing granular control over which domain or tenant is analyzed, Scope supports accurate identity risk management in complex, hybrid environments. Therefore,Option Dis the correct answer.
