Free SC-200 Exam Braindumps (page: 12)


You have an Azure subscription that contains a user named User1 and a Microsoft Sentinel workspace named WS1. WS1 uses Microsoft Defender for Cloud.
You have the Microsoft security analytics rules shown in the following table.



User1 performs an action that matches Rule1, Rule2, Rule3, and Rule4.
How many incidents will be created in WS1?

  A. 1
  B. 2
  C. 3
  D. 4

Answer(s): D



You have a Microsoft 365 subscription that uses Azure Defender.
You have 100 virtual machines in a resource group named RG1.
You assign the Security Admin role to a new user named SecAdmin1.
You need to ensure that SecAdmin1 can apply quick fixes to the virtual machines by using Azure Defender. The solution must use the principle of least privilege.
Which role should you assign to SecAdmin1?

  A. the Security Reader role for the subscription
  B. the Contributor role for the subscription
  C. the Contributor role for RG1
  D. the Owner role for RG1

Answer(s): C



Your company uses line-of-business apps that contain Microsoft Office VBA macros.
You need to prevent users from downloading and running additional payloads from the Office VBA macros as additional child processes.
Which two commands can you run to achieve the goal? Each correct answer presents a complete solution.
Note: Each correct selection is worth one point.





Answer(s): B,C


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction



You have an existing Azure logic app that is used to block Azure Active Directory (Azure AD) users. The logic app is triggered manually.
You deploy Azure Sentinel.
You need to use the existing logic app as a playbook in Azure Sentinel.
What should you do first?

  A. Add a new scheduled query rule.
  B. Add a data connector to Azure Sentinel.
  C. Configure a custom Threat Intelligence connector in Azure Sentinel.
  D. Modify the trigger in the logic app.

Answer(s): D





