[Reference:, In Azure Security Center (now known as Microsoft Defender for Cloud), email notifications for security alerts are controlled by the Email notifications settings under Environment settings → Email notifications. These settings allow administrators to specify who receives notifications and what severity levels (High, Medium, Low) will trigger email alerts., By default, Security Center sends email notifications only for High severity alerts. This explains why the administrator receives alerts for “potential malware uploaded” or “brute-force attacks” (both high severity) but not for “antimalware action failed” or “suspicious network activity” (which are usually medium or low severity)., To ensure all alert types trigger an email, you must change the severity level of email notifications to include Medium and Low., Microsoft documentation states:, “Security Center can send email notifications about new security alerts. You can define the recipients and choose to receive notifications for High, Medium, and Low severity alerts. By default, only High severity alerts trigger notifications.”, The other options are incorrect:, (B) Cloud connector – used for connecting AWS or GCP environments, unrelated to email alert settings., (C) Azure Defender plans – control which resources are protected, not notification delivery., (D) Integration settings for Threat detection – manage data sources and integrations, not email alerts., ✅ Therefore, the correct answer is A. the severity level of email notifications., , , ]