Free SC-200 Exam Braindumps

HOTSPOT (Drag and Drop is not supported).
You have an Azure subscription that has Azure Defender enabled for all supported resource types.
You create an Azure logic app named LA1.
You plan to use LA1 to automatically remediate security risks detected in Azure Security Center.
You need to test LA1 in Security Center.
What should you do? To answer, select the appropriate options in the answer area.
Note: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/security-center/workflow-automation#create-a-logic-app-and-define-when-it-should-automatically-run



You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.
You have Microsoft SharePoint Online sites that contain sensitive documents. The documents contain customer account numbers that each consist of 32 alphanumeric characters.
You need to create a data loss prevention (DLP) policy to protect the sensitive documents.
What should you use to detect which documents are sensitive?

  1. SharePoint search
  2. a hunting query in Microsoft 365 Defender
  3. Azure Information Protection
  4. RegEx pattern matching

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection



DRAG DROP (Drag and Drop is not supported).
You have an Azure Sentinel deployment.
You need to query for all suspicious credential access activities.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://davemccollough.com/2020/11/28/threat-hunting-with-azure-sentinel/



HOTSPOT
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint.
You have the on-premises devices shown in the following table.



You are preparing an incident response plan for devices infected by malware.
You need to recommend response actions that meet the following requirements:
• Block malware from communicating with and infecting managed devices.
• Do NOT affect the ability to control managed devices.
Which actions should you use for each device? To answer, select the appropriate options in the answer area.
Note: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:





