CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Microsoft Certified: Security Operations Analyst Associate SC-200 Book

Page: 6 / 14
Total 306 questions
Get SC-200 Full Access Download SC-200 PDF

Microsoft Security Operations Analyst Questions and Answers

Question 21

You need to restrict cloud apps running on CUENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Options:

A.

the Cloud Discovery settings in Microsoft Defender for Cloud Apps

B.

the Onboarding settings from Device management in Settings in Microsoft 365 Defender portal

C.

Microsoft Defender for Cloud Apps anomaly detection policies

D.

Advanced features from the Endpoints Settings in the Microsoft 365 Defender portal

Question 22

You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure Sentinel requirements and the business requirements.

Which role should you assign?

Options:

A.

Automation Operator

B.

Automation Runbook Operator

C.

Azure Sentinel Contributor

D.

Logic App Contributor

Question 23

You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements. Which policy should you modify?

Options:

A.

Activity from suspicious IP addresses

B.

Activity from anonymous IP addresses

C.

Impossible travel

D.

Risky sign-in

Question 24

You have a Microsoft Sentinel workspace named SW1.

In SW1, you investigate an incident that is associated with the following entities:

• Host

• IP address

• User account

• Malware name

Which entity can be labeled as an indicator of compromise (loC) directly from the incident s page?

Options:

A.

malware name

B.

host

C.

user account

D.

IP address

Page: 6 / 14
Total 306 questions
Get SC-200 Full Access Download SC-200 PDF