Final answer:
The retention duration for attachments in quarantine within a Microsoft 365 subscription is configured through a Safe Attachments policy, located within the Threat management section of the Microsoft 365 Defender portal.
Step-by-step explanation:
The correct answer for configuring the retention duration for attachments in quarantine within a Microsoft 365 subscription is a Safe Attachments policy. This policy is a part of Microsoft Defender for Office 365 and offers protection in environments using Microsoft 365 services. When you create or edit a Safe Attachments policy, you can specify how long attachments that are detected as malicious and quarantined should be retained before they are automatically deleted.
To set up this policy, you would need to access the Microsoft 365 Defender portal, navigate to the Threat management policy section, and select Safe attachment. From there, you can create a new policy or edit an existing one and adjust the retention settings according to your organization's needs.