If you want to reduce the number of "false positives" appearing in Risk Events, which action would NOT help?
A. filtering custom policy alerts to exclude trusted geographic areas
B. adding trusted users to the User Exclusion List
C. adding suspicious IP addresses to a "blacklist"
D. changing custom policy alerts with Resource or Action set to "Any" to target specific resources and actions