CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. SC-200

Free SC-200 Exam Braindumps (page: 35)

Page 34 of 79
PDF with 355 Questions

HOTSPOT (Drag and Drop is not supported).
You purchase a Microsoft 365 subscription.
You plan to configure Microsoft Cloud App Security.
You need to create a custom template-based policy that detects connections to Microsoft 365 apps that originate from a botnet network.
What should you use? To answer, select the appropriate options in the answer area.
Note: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring Azure Sentinel.
You need to create an incident in Azure Sentinel when a sign-in to an Azure virtual machine from a malicious IP address is detected.
Solution: You create a hunting bookmark.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center



You use Azure Security Center.
You receive a security alert in Security Center.
You need to view recommendations to resolve the alert in Security Center.
What should you do?

  1. From Security alerts, select the alert, select Take Action, and then expand the Prevent future attacks section.
  2. From Security alerts, select Take Action, and then expand the Mitigate the threat section.
  3. From Regulatory compliance, download the report.
  4. From Recommendations, download the CSV report.

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alerts



HOTSPOT
-
You have a Microsoft 365 subscription that uses Microsoft Defender for Endpoint Plan 2 and contains a Windows device named Device1.
You initiate a live response session on Device1 and launch an executable file named File1.exe in the background.
You need to perform the following actions:
• Identify the command ID of File1.exe.
• Interact with File1.exe.
Which live response command should you run for each action? To answer, select the appropriate options in the answer area.
Note: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:






Post your Comments and Discuss Microsoft SC-200 exam with other Community members:

SC-200 Discussions & Posts