ExamGecko
Home / Microsoft / SC-200 / List of questions
Ask Question

Microsoft SC-200 Practice Test - Questions Answers, Page 19

List of questions

Question 181

Report
Export
Collapse

You have an Azure subscription that contains a user named User1.

User1 is assigned an Azure Active Directory Premium Plan 2 license

You need to identify whether the identity of User1 was compromised during the last 90 days.

What should you use?

the risk detections report

the risk detections report

the risky users report

the risky users report

Identity Secure Score recommendations

Identity Secure Score recommendations

the risky sign-ins report

the risky sign-ins report

Suggested answer: B
asked 05/10/2024
Naeem Navaid Shaikh
38 questions

Question 182

Report
Export
Collapse

You have an Azure subscription that uses Microsoft Defender fof Ctoud.

You have an Amazon Web Services (AWS) account that contains an Amazon Elastic Compute Cloud (EC2) instance named EC2-1.

You need to onboard EC2-1 to Defender for Cloud.

What should you install on EC2-1?

the Log Analytics agent

the Log Analytics agent

the Azure Connected Machine agent

the Azure Connected Machine agent

the unified Microsoft Defender for Endpoint solution package

the unified Microsoft Defender for Endpoint solution package

Microsoft Monitoring Agent

Microsoft Monitoring Agent

Suggested answer: A
asked 05/10/2024
Sze Yenn Tan
36 questions

Question 183

Report
Export
Collapse

You have a Microsoft Sentinel workspace named Workspace1 and 200 custom Advanced Security Information Model (ASIM) parsers based on the DNS schema. You need to make the 200 parsers available in Workspace1. The solution must minimize administrative effort. What should you do first?

Copy the parsers to the Azure Monitor Logs page.

Copy the parsers to the Azure Monitor Logs page.

Create a JSON file based on the DNS template.

Create a JSON file based on the DNS template.

Create an XML file based on the DNS template.

Create an XML file based on the DNS template.

Create a YAML file based on the DNS template.

Create a YAML file based on the DNS template.

Suggested answer: A

Explanation:


asked 05/10/2024
Caridade Martins
44 questions

Question 184

Report
Export
Collapse

You use Microsoft Sentinel.

You need to receive an alert in near real-time whenever Azure Storage account keys are enumerated.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE:

Each correct selection is worth one point

Create a bookmark.

Create a bookmark.

Create an analytics rule.

Create an analytics rule.

Create a livestream.

Create a livestream.

Create a hunting query.

Create a hunting query.

Add a data connector.

Add a data connector.

Suggested answer: D, E
asked 05/10/2024
Frederico Dionísio
40 questions

Question 185

Report
Export
Collapse

You need to minimize the effort required to investigate the Microsoft Defender for Identity false positive alerts. What should you review?

the status update time

the status update time

the alert status

the alert status

the certainty of the source computer

the certainty of the source computer

the resolution method of the source computer

the resolution method of the source computer

Suggested answer: B
asked 05/10/2024
Thiago B
43 questions

Question 186

Report
Export
Collapse

HOTSPOT

You need to meet the Microsoft Defender for Cloud Apps requirements

What should you do? To answer. select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft SC-200 image Question 186 107955 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 186 107955 10052024010847000
asked 05/10/2024
Thomas Schmitt
42 questions

Question 187

Report
Export
Collapse

You need to deploy the native cloud connector to Account! to meet the Microsoft Defender for Cloud requirements. What should you do in Account! first?

Create an AWS user for Defender for Cloud.

Create an AWS user for Defender for Cloud.

Create an Access control (1AM) role for Defender for Cloud.

Create an Access control (1AM) role for Defender for Cloud.

Configure AWS Security Hub.

Configure AWS Security Hub.

Deploy the AWS Systems Manager (SSM) agent

Deploy the AWS Systems Manager (SSM) agent

Suggested answer: D
asked 05/10/2024
Karen Charllotte Aglipay
30 questions

Question 188

Report
Export
Collapse

HOTSPOT

You need to create a query to investigate DNS-related activity. The solution must meet the Microsoft Sentinel requirements. How should you complete the Query? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.


Microsoft SC-200 image Question 188 107957 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 188 107957 10052024010847000

Explanation:

Microsoft SC-200 image Question 70 explanation 107957 10052024010847000000

asked 05/10/2024
Preety Koul
39 questions

Question 189

Report
Export
Collapse

HOTSPOT

You need to assign role-based access control (RBAQ roles to Group1 and Group2 to meet The Microsoft Defender for Cloud requirements and the business requirements Which role should you assign to each group? To answer, select the appropriate options in the answer area NOTE Eachcorrect selection is worth one point.


Microsoft SC-200 image Question 189 107958 10052024010847000
Correct answer: Microsoft SC-200 image answer Question 189 107958 10052024010847000
asked 05/10/2024
Roger Berger
27 questions

Question 190

Report
Export
Collapse

You need to ensure that you can run hunting queries to meet the Microsoft Sentinel requirements.

Which type of workspace should you create?

Azure Synapse AnarytKS

Azure Synapse AnarytKS

AzureDalabricks

AzureDalabricks

Azure Machine Learning

Azure Machine Learning

LogAnalytics

LogAnalytics

Suggested answer: D
asked 05/10/2024
Aurelie Touraille Colombo
32 questions
Total 307 questions
Go to page: of 31
Search

Related questions