Free Access Microsoft SC-200 New Release

Microsoft Security Operations Analyst Questions and Answers

Question 45

You need to configure event monitoring for Server1. The solution must meet the Microsoft Sentinel requirements. What should you create first?

Options:

a Microsoft Sentinel automation rule

a Microsoft Sentinel scheduled query rule

a Data Collection Rule (DCR)

an Azure Event Grid topic

Question 46

You need to implement the ASIM query for DNS requests. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Options:

Question 47

You need to implement the Defender for Cloud requirements.

Which subscription-level role should you assign to Group1?

Options:

Security Admin

Owner

Security Assessment Contributor

Contributor

Question 48

You need to restrict cloud apps running on CUENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Options:

the Cloud Discovery settings in Microsoft Defender for Cloud Apps

the Onboarding settings from Device management in Settings in Microsoft 365 Defender portal

Microsoft Defender for Cloud Apps anomaly detection policies

Advanced features from the Endpoints Settings in the Microsoft 365 Defender portal

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free Access Microsoft SC-200 New Release

Microsoft Security Operations Analyst Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce