You have a Microsoft 365 subscription and are tasked with designing a user access solution that aligns with the Zero Trust principles outlined in the Microsoft Cybersecurity Reference Architectures (MCRA). Your objective is to recommend a solution for automatically restricting access to Microsoft Exchange Online, SharePoint Online, and Teams in near-real-time (NRT) in response to certain Azure Active Directory (Azure AD) events. These events include:

• A user account is disabled or deleted.
• A user's password is changed or reset.
• All refresh tokens for a user are revoked.
• Multi-factor authentication (MFA) is enabled for a user.

Which two features should you include in the recommendation to meet these criteria? Each correct answer is part of the solution. NOTE: Each correct selection is worth one point.