ExamGecko
Search Search Login
Home Home / Microsoft / SC-200

Microsoft SC-200 Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud. You have an Azure DevOps organization named AzDO1. You need to integrate Sub! and AzDO1. The solution must meet the following requirements: * Detect secrets exposed in pipelines by using Defender for Cloud. * Minimize administrative effort.
DRAG DROP You have an Azure subscription. The subscription contains 10 virtual machines that are onboarded to Microsoft Defender for Cloud. You need to ensure that when Defender for Cloud detects digital currency mining behavior on a virtual machine, you receive an email notification. The solution must generate a test email. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
HOTSPOT You have a Microsoft 365 subscription that uses Microsoft Defender XDR. You need to create a custom detection rule that will identify devices that had more than five antivirus detections within the last 24 hours. how should you complete the query? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.
HOTSPOT You have an Azure DevOps organization that uses Microsoft Defender for DevOps. The organization contains an Azure DevOps repository named Repo1 and an Azure Pipelines pipeline named Pipeline1. Pipeline1 is used to build and deploy code stored in Repo1. You need to ensure that when Pipeline1 runs, Microsoft Defender for Cloud can perform secret scanning of the code in Repo1. What should you install in the organization, and what should you add to the YAML file of Pipeline'!? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You create an Azure subscription. You enable Microsoft Defender for Cloud for the subscription. You need to use Defender for Cloud to protect on-premises computers. What should you do on the on-premises computers?
You have a Microsoft 365 subscription that uses Microsoft 365 Defender. You plan to create a hunting query from Microsoft Defender. You need to create a custom tracked query that will be used to assess the threat status of the subscription. From the Microsoft 365 Defender portal, which page should you use to create the query?
HOTSPOT You have an Azure subscription that uses Microsoft Defender for Cloud and contains an Azure logic app named app1. You need to ensure that app1 launches when a specific Defender for Cloud security alert is generated. How should you complete the Azure Resource Manager (ARM) template? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that uses Microsoft Defender XDR. You need to ensure that you can investigate threats by using data in the unified audit log of Microsoft Defender for Cloud Apps. What should you configure first?
HOTSPOT You have a Microsoft Sentinel workspace that has a default data retention period of 30 days. The workspace contains two custom tables as shown in the following table. Each table ingested two records per day during the past 365 days. You build KQL statements for use in analytic rules as shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure subscription that uses Microsoft Defender for Cloud. You create a Google Cloud Platform (GCP) organization named GCP1. You need to onboard GCP1 to Defender for Cloud by using the native cloud connector. The solution must ensure that all future GCP projects are onboarded automatically. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question 101

Report
Export
Collapse

HOTSPOT

You need to implement Azure Sentinel queries for Contoso and Fabrikam to meet the technical requirements.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 101
Correct answer: Question 101

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/sentinel/extend-sentinel-across-workspaces-tenants

Question 102

Report
Export
Collapse

You need to complete the query for failed sign-ins to meet the technical requirements.

Where can you find the column name to complete the where clause?

A.

Security alerts in Azure Security Center

A.

Security alerts in Azure Security Center

Answers
B.

Activity log in Azure

B.

Activity log in Azure

Answers
C.

Azure Advisor

C.

Azure Advisor

Answers
D.

the query windows of the Log Analytics workspace

D.

the query windows of the Log Analytics workspace

Answers
Suggested answer: D

Explanation:

Question 103

Report
Export
Collapse

The issue for which team can be resolved by using Microsoft Defender for Endpoint?

A.

executive

A.

executive

Answers
B.

sales

B.

sales

Answers
C.

marketing

C.

marketing

Answers
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios

Question 104

Report
Export
Collapse

The issue for which team can be resolved by using Microsoft Defender for Office 365?

A.

executive

A.

executive

Answers
B.

marketing

B.

marketing

Answers
C.

security

C.

security

Answers
D.

sales

D.

sales

Answers
Suggested answer: B

Explanation:

Reference:

https://docs.mic rosoft. co m/en-us/microsoft-365/securitv/office-365-security/atp-for-spo-odb-and-teams?view=o365-worldwide

Question 105

Report
Export
Collapse

You need to recommend a solution to meet the technical requirements for the Azure virtual machines.

What should you include in the recommendation?

A.

just-in-time (JIT) access

A.

just-in-time (JIT) access

Answers
B.

Azure Defender

B.

Azure Defender

Answers
C.

Azure Firewall

C.

Azure Firewall

Answers
D.

Azure Application Gateway

D.

Azure Application Gateway

Answers
Suggested answer: B

Explanation:

Reference:

https://docsmicrosoft.com/en-us/azure/security-center/azure-defender

Question 106

Report
Export
Collapse

HOTSPOT

You need to recommend remediation actions for the Azure Defender alerts for Fabrikam.

What should you recommend for each threat? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 106
Correct answer: Question 106

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/key-vault/general/security-features

https://docs.microsoft.com/en-us/azure/key-vault/general/secure-your-key-vault

Question 107

Report
Export
Collapse

You need to assign a role-based access control (RBAC) role to admin! to meet the Azure Sentinel requirements and the business requirements.

Which role should you assign?

A.

Automation Operator

A.

Automation Operator

Answers
B.

Automation Run book Operator

B.

Automation Run book Operator

Answers
C.

Azure Sentinel Contributor

C.

Azure Sentinel Contributor

Answers
D.

Logic App Contributor

D.

Logic App Contributor

Answers
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/sentinel/roles

Question 108

Report
Export
Collapse

You need to create the test rule to meet the Azure Sentinel requirements.

What should you do when you create the rule?

A.

From Set rule logic, turn off suppression.

A.

From Set rule logic, turn off suppression.

Answers
B.

From Analytics rule details, configure the tactics.

B.

From Analytics rule details, configure the tactics.

Answers
C.

From Set rule logic, map the entities.

C.

From Set rule logic, map the entities.

Answers
D.

From Analytics rule details, configure the severity.

D.

From Analytics rule details, configure the severity.

Answers
Suggested answer: C

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-custom

Question 109

Report
Export
Collapse

DRAG DROP

You need to add notes to the events to meet the Azure Sentinel requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of action to the answer area and arrange them in the correct order.


Question 109
Correct answer: Question 109

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/sentinel/bookmarks

Question 110

Report
Export
Collapse

HOTSPOT

You need to configure the Azure Sentinel integration to meet the Azure Sentinel requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 110
Correct answer: Question 110

Explanation:

Reference:

https://docs.microsoft.com/en-us/cloud-app-security/siem-sentinel

Total 295 questions
Go to page: of 30
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms