SC-200 Reviews Questions

Microsoft Security Operations Analyst Questions and Answers

Question 25

You have an Azure subscription that uses Microsoft Sentinel.

You detect a new threat by using a hunting query.

You need to ensure that Microsoft Sentinel automatically detects the threat. The solution must minimize administrative effort.

What should you do?

Options:

Create a playbook.

Create a watchlist.

Create an analytics rule.

Add the query to a workbook.

Question 26

You have a Microsoft 365 E5 subscription that uses Microsoft Defender XDR.

You need to ensure that you can investigate threats by using data in the unified audit log of Microsoft Defender for Cloud Apps.

What should you configure first?

Options:

the Azure connector

the User enrichment settings

the Automatic log upload settings

the Microsoft 365 connector

Question 27

You need to implement Azure Sentinel queries for Contoso and Fabrikam to meet the technical requirements.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 28

You need to complete the query for failed sign-ins to meet the technical requirements.

Where can you find the column name to complete the where clause?

Options:

Security alerts in Azure Security Center

Activity log in Azure

Azure Advisor

the query windows of the Log Analytics workspace

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Microsoft Security Operations Analyst Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce