Home / Microsoft / SC-200

Microsoft SC-200 Practice Test - Questions Answers, Page 10

Question list

List of questions

Question 91

(0)

You need to ensure that the configuration of HuntingQuery1 meets the Microsoft Sentinel requirements. What should you do?

Question 92

(0)

HOTSPOT You need to implement the Microsoft Sentinel NRT rule for monitoring the designated break glass account. The solution must meet the Microsoft Sentinel requirements. How should you complete

Question 93

(0)

HOTSPOT You need to monitor the password resets. The solution must meet the Microsoft Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE

Question 94

(0)

You need to ensure that the processing of incidents generated by rulequery1 meets the Microsoft Sentinel requirements. What should you create first?

Question 95

(0)

You need to implement the Defender for Cloud requirements. Which subscription-level role should you assign to Group1?

Question 96

(0)

You need to implement the scheduled rule for incident generation based on rulequery1. What should you configure first?

Question 97

(0)

You need to ensure that the Group1 members can meet the Microsoft Sentinel requirements. Which role should you assign to Group1?

Question 98

(0)

HOTSPOT You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements. What should you include in the solution? To answer, select the appropriate optio

Question 99

(0)

You need to remediate active attacks to meet the technical requirements. What should you include in the solution?

Question 100

(0)

HOTSPOT You need to create an advanced hunting query to investigate the executive team issue. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE

Related questions

HOTSPOT You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud. You have an Azure DevOps organization named AzDO1. You need to integrate Sub! and AzDO1. The solution must meet the following requirements: * Detect secrets exposed in pipelines by using Defender for Cloud. * Minimize administrative effort.

DRAG DROP You have an Azure subscription. The subscription contains 10 virtual machines that are onboarded to Microsoft Defender for Cloud. You need to ensure that when Defender for Cloud detects digital currency mining behavior on a virtual machine, you receive an email notification. The solution must generate a test email. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

HOTSPOT You have a Microsoft 365 subscription that uses Microsoft Defender XDR. You need to create a custom detection rule that will identify devices that had more than five antivirus detections within the last 24 hours. how should you complete the query? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

HOTSPOT You have an Azure DevOps organization that uses Microsoft Defender for DevOps. The organization contains an Azure DevOps repository named Repo1 and an Azure Pipelines pipeline named Pipeline1. Pipeline1 is used to build and deploy code stored in Repo1. You need to ensure that when Pipeline1 runs, Microsoft Defender for Cloud can perform secret scanning of the code in Repo1. What should you install in the organization, and what should you add to the YAML file of Pipeline'!? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

You create an Azure subscription. You enable Microsoft Defender for Cloud for the subscription. You need to use Defender for Cloud to protect on-premises computers. What should you do on the on-premises computers?

You have a Microsoft 365 subscription that uses Microsoft 365 Defender. You plan to create a hunting query from Microsoft Defender. You need to create a custom tracked query that will be used to assess the threat status of the subscription. From the Microsoft 365 Defender portal, which page should you use to create the query?

HOTSPOT You have an Azure subscription that uses Microsoft Defender for Cloud and contains an Azure logic app named app1. You need to ensure that app1 launches when a specific Defender for Cloud security alert is generated. How should you complete the Azure Resource Manager (ARM) template? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that uses Microsoft Defender XDR. You need to ensure that you can investigate threats by using data in the unified audit log of Microsoft Defender for Cloud Apps. What should you configure first?

HOTSPOT You have a Microsoft Sentinel workspace that has a default data retention period of 30 days. The workspace contains two custom tables as shown in the following table. Each table ingested two records per day during the past 365 days. You build KQL statements for use in analytic rules as shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

HOTSPOT You have an Azure subscription that uses Microsoft Defender for Cloud. You create a Google Cloud Platform (GCP) organization named GCP1. You need to onboard GCP1 to Defender for Cloud by using the native cloud connector. The solution must ensure that all future GCP projects are onboarded automatically. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question 91

You need to ensure that the configuration of HuntingQuery1 meets the Microsoft Sentinel requirements.

What should you do?

Add HuntingQuery1 to a livestream.

Create a watch list.

Create an Azure Automation rule.

Add HuntingQuery1 to favorites.

Show Answer Comment (0)

Question 92

HOTSPOT

You need to implement the Microsoft Sentinel NRT rule for monitoring the designated break glass account. The solution must meet the Microsoft Sentinel requirements.

How should you complete the query? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 93

HOTSPOT

You need to monitor the password resets. The solution must meet the Microsoft Sentinel requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 94

You need to ensure that the processing of incidents generated by rulequery1 meets the Microsoft Sentinel requirements.

What should you create first?

a playbook with an incident trigger

a playbook with an entity trigger

an Azure Automation rule

a playbook with an alert trigger

Show Answer Comment (0)

Question 95

You need to implement the Defender for Cloud requirements.

Which subscription-level role should you assign to Group1?

Security Admin

Owner

Security Assessment Contributor

Contributor

Show Answer Comment (0)

Question 96

You need to implement the scheduled rule for incident generation based on rulequery1.

What should you configure first?

entity mapping

custom details

event grouping

alert details

Show Answer Comment (0)

Question 97

You need to ensure that the Group1 members can meet the Microsoft Sentinel requirements.

Which role should you assign to Group1?

Microsoft Sentinel Automation Contributor

Logic App Contributor

Automation Operator

Microsoft Sentinel Playbook Operator

Show Answer Comment (0)

Question 98

HOTSPOT

You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Show Case Study Comment (0)

Question 99

You need to remediate active attacks to meet the technical requirements.

What should you include in the solution?

Azure Automation runbooks

Azure Logic Apps

Azure Functions

Azure Sentinel livestreams

Show Answer Show Case Study Comment (0)

Question 100

HOTSPOT

You need to create an advanced hunting query to investigate the executive team issue.

How should you complete the query? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Show Case Study Comment (0)

Total 295 questions

8 9 10 11 12

Go to page: of 30