Free SC-200 Exam Braindumps (page: 27)


Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring Microsoft Defender for Identity integration with Active Directory.
From the Microsoft Defender for Identity portal, you need to configure several accounts for attackers to exploit.
Solution: You add the accounts to an Active Directory group and add the group as a Sensitive group.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts



You recently deployed Azure Sentinel.
You discover that the default Fusion rule does not generate any alerts. You verify that the rule is enabled.
You need to ensure that the Fusion rule can generate alerts.
What should you do?

  1. Disable, and then enable the rule.
  2. Add data connectors.
  3. Create a new machine learning analytics rule.
  4. Add a hunting bookmark.

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/azure/sentinel/connect-data-sources



HOTSPOT
You have an Azure subscription that uses Microsoft Defender for Cloud.
You need to use an Azure Resource Manager (ARM) template to create a workflow automation that will trigger a logic app when specific alerts are received by Microsoft Defender for Cloud.
How should you complete the template? To answer, select the appropriate options in the answer area.
Note: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud.
You need to assign the PCI DSS 4.0 initiative to Sub1 and have the initiative displayed in the Defender for Cloud Regulatory compliance dashboard.
From Security policies in the Environment settings, you discover that the option to add more industry and regulatory standards is unavailable.
What should you do first?

  1. Configure the Continuous export settings for Log Analytics.
  2. Enable the Cloud Security Posture Management (CSPM) plan for the subscription.
  3. Configure the Continuous export settings for Azure Event Hubs.
  4. Disable the Microsoft Cloud Security Benchmark (MCSB) assignment.

Answer(s): B





