SC-200 Reviews Questions

Page: 7 / 13
Total 347 questions

Microsoft Security Operations Analyst Questions and Answers

Question 25

You have an Azure subscription that uses Microsoft Sentinel.

You detect a new threat by using a hunting query.

You need to ensure that Microsoft Sentinel automatically detects the threat. The solution must minimize administrative effort.

What should you do?

Options:

A. Create a playbook.

B. Create a watchlist.

C. Create an analytics rule.

D. Add the query to a workbook.

Question 26

You have a Microsoft 365 E5 subscription that uses Microsoft Defender XDR.

You need to ensure that you can investigate threats by using data in the unified audit log of Microsoft Defender for Cloud Apps.

What should you configure first?

Options:

A. the Azure connector

B. the User enrichment settings

C. the Automatic log upload settings

D. the Microsoft 365 connector

Question 27

You need to implement Azure Sentinel queries for Contoso and Fabrikam to meet the technical requirements.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 28

You need to complete the query for failed sign-ins to meet the technical requirements.

Where can you find the column name to complete the where clause?

Options:

A. Security alerts in Azure Security Center

B. Activity log in Azure

C. Azure Advisor

D. the query windows of the Log Analytics workspace
