Which one of the actions below is the only one that a user with Security Admin role cannot perform?

Answer options:

A.Edit security policy
B.Enable / disable Azure Defender plans
C.Enable / disable auto-provisioning
D.Add/assign initiatives (including regulatory compliance standards)

Correct Answer: D Option D is correct. Creating new initiatives requires subscription owner credentials.
Option A, B and C are incorrect. Security admin can perform these tasks with his/her role access.
Reference: 

https://docs.microsoft.com/en-us/azure/security-center/security-center-permissions