ExamGecko
Home / Microsoft / SC-200 / List of questions
Ask Question

Microsoft SC-200 Practice Test - Questions Answers, Page 2

List of questions

Question 11

Report
Export
Collapse

You have an Azure subscription that contains a Log Analytics workspace.

You need to enable just-in-time (JIT) VM access and network detections for Azure resources.

Where should you enable Azure Defender?

at the subscription level

at the subscription level

at the workspace level

at the workspace level

at the resource level

at the resource level

Suggested answer: A

Explanation:

Reference:

https://do cs. microsoft.com/en-us/azu re/sec urit y-center/e na bl e-azu re-defender

asked 05/10/2024
Chun Yin Lau
44 questions

Question 12

Report
Export
Collapse

You use Azure Defender.

You have an Azure Storage account that contains sensitive information.

You need to run a PowerShell script if someone accesses the storage account from a suspicious IP address.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

From Azure Security Center, enable workflow automation.

From Azure Security Center, enable workflow automation.

Create an Azure logic app that has a manual trigger.

Create an Azure logic app that has a manual trigger.

Create an Azure logic app that has an Azure Security Center alert trigger.

Create an Azure logic app that has an Azure Security Center alert trigger.

Create an Azure logic app that has an HTTP trigger.

Create an Azure logic app that has an HTTP trigger.

From Azure Active Directory (Azure AD), add an app registration.

From Azure Active Directory (Azure AD), add an app registration.

Suggested answer: A, C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/storaqe/common/azure-defender-storaqe-confiqure?tabs=azure-security-center

https: //docs. m ic rosoft. com/en -us/azu re/sec urity-ce rite r/workflow-a uto mation

asked 05/10/2024
Solomon Waya
40 questions

Question 13

Report
Export
Collapse

HOTSPOT

You manage the security posture of an Azure subscription that contains two virtual machines name vm1 and vm2.

The secure score in Azure Security Center is shown in the Security Center exhibit. (Click the Security Center tab.)

Microsoft SC-200 image Question 13 107827 10052024010847000000

Azure Policy assignments are configured as shown in the Policies exhibit. (Click the Policies tab.)

Microsoft SC-200 image Question 13 107827 10052024010847000000

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Microsoft SC-200 image Question 13 107827 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 13 107827 10052024010847000

Explanation:

Reference:

https://techcommunity.microsoft.com/t5/azure-security-center/security-control-restrict-unauthorized-network-access/ba-p/1593833

https://techcommunity.microsoft.com/t5/azure-security-center/security-control-secure-management-ports/ba-p/1505770

asked 05/10/2024
RAHULREDDY BIRADAVOLU
42 questions

Question 14

Report
Export
Collapse

DRAG DROP

You are informed of a new common vulnerabilities and exposures (CVE) vulnerability that affects your environment.

You need to use Microsoft Defender Security Center to request remediation from the team responsible for the affected systems if there is a documented active exploit available.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Microsoft SC-200 image Question 14 107828 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 14 107828 10052024010847000

Explanation:

Reference:

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/microsoft-defender-atp-remediate-apps-using-mem/ba-p/1599271

asked 05/10/2024
Tim Baas
42 questions

Question 15

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that has Azure Defender enabled for all supported resource types.

You create an Azure logic app named LA1.

You plan to use LA1 to automatically remediate security risks detected in Azure Security Center.

You need to test LA1 in Security Center.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft SC-200 image Question 15 107829 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 15 107829 10052024010847000

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/workflow-automation#create-a-logic-app-and-define-when-it-should-automatically-run

asked 05/10/2024
EduBP srl De Sanctis
35 questions

Question 16

Report
Export
Collapse

DRAG DROP

You create a new Azure subscription and start collecting logs for Azure Monitor.

You need to configure Azure Security Center to detect possible threats related to sign-ins from suspicious IP addresses to Azure virtual machines. The solution must validate the configuration.

Which three actions should you perform in a sequence? To answer, move the appropriate actions from the list of action to the answer area and arrange them in the correct order.


Microsoft SC-200 image Question 16 107830 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 16 107830 10052024010847000

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-alert-validation

asked 05/10/2024
Haleem SHITOU OGUNGBEMI
42 questions

Question 17

Report
Export
Collapse

DRAG DROP

You have resources in Azure and Google cloud.

You need to ingest Google Cloud Platform (GCP) data into Azure Defender.

In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.


Microsoft SC-200 image Question 17 107831 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 17 107831 10052024010847000

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/quickstart-onboard-gcp

asked 05/10/2024
Prabith Balagopalan
37 questions

Question 18

Report
Export
Collapse

HOTSPOT

You need to use an Azure Resource Manager template to create a workflow automation that will trigger an automatic remediation when specific security alerts are received by Azure Security Center.

How should you complete the portion of the template that will provision the required Azure resources? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft SC-200 image Question 18 107832 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 18 107832 10052024010847000

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/quickstart-automation-alert

asked 05/10/2024
Ricardson Albuquerque
35 questions

Question 19

Report
Export
Collapse

You use Azure Security Center.

You receive a security alert in Security Center.

You need to view recommendations to resolve the alert in Security Center.

What should you do?

From Security alerts, select the alert, select Take Action, and then expand the Prevent future attacks section.

From Security alerts, select the alert, select Take Action, and then expand the Prevent future attacks section.

From Security alerts, select Take Action, and then expand the Mitigate the threat section.

From Security alerts, select Take Action, and then expand the Mitigate the threat section.

From Regulatory compliance, download the report.

From Regulatory compliance, download the report.

From Recommendations, download the CSV report.

From Recommendations, download the CSV report.

Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alerts

asked 05/10/2024
Lionel CHOLEZ
33 questions

Question 20

Report
Export
Collapse

You have a suppression rule in Azure Security Center for 10 virtual machines that are used for testing. The virtual machines run Windows Server.

You are troubleshooting an issue on the virtual machines.

In Security Center, you need to view the alerts generated by the virtual machines during the last five days.

What should you do?

Change the rule expiration date of the suppression rule.

Change the rule expiration date of the suppression rule.

Change the state of the suppression rule to Disabled.

Change the state of the suppression rule to Disabled.

Modify the filter for the Security alerts page.

Modify the filter for the Security alerts page.

View the Windows event logs on the virtual machines.

View the Windows event logs on the virtual machines.

Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/alerts-suppression-rules

asked 05/10/2024
Shauqi Naufaldy
30 questions
Total 307 questions
Go to page: of 31
Search

Related questions