Complete SC-200 Microsoft Materials

Microsoft Security Operations Analyst Questions and Answers

Question 41

You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements. Which policy should you modify?

Activity from suspicious IP addresses

Activity from anonymous IP addresses

Impossible travel

Risky sign-in

Question 42

You need to implement the Azure Information Protection requirements. What should you configure first?

Device health and compliance reports settings in Microsoft Defender Security Center

scanner clusters in Azure Information Protection from the Azure portal

content scan jobs in Azure Information Protection from the Azure portal

Advanced features from Settings in Microsoft Defender Security Center

Question 43

You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 44

You need to create the test rule to meet the Azure Sentinel requirements. What should you do when you create the rule?

From Set rule logic, turn off suppression.

From Analytics rule details, configure the tactics.

From Set rule logic, map the entities.

From Analytics rule details, configure the severity.