Your organization is transitioning to a zero-trust security model within its Microsoft 365 environment to enhance security posture. As part of this initiative, you are tasked with ensuring the implementation is comprehensive and effective. Considering the principles of zero-trust, which of the following steps is MOST critical to initially focus on to lay a strong foundation for the zero-trust model? Choose the BEST option from the following: (A) Identify and classify sensitive data and resources in Microsoft 365 to determine the level of access required for each user or group. (B) Implement least-privilege access controls, ensuring users have the minimum level of access necessary to perform their job functions. (C) Continuously monitor and analyze user activities and access patterns to detect and respond to potential security threats or anomalies. (D) Regularly review and update access controls and policies to adapt to changing business requirements and security threats. (E) All of the above.