Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Microsoft Certified: Security Operations Analyst Associate SC-200 Book

Page: 6 / 13
Total 334 questions

Microsoft Security Operations Analyst Questions and Answers

Question 21

You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint. You need to create a detection rule that meets the following requirements:

• Is triggered when a device that has critical software vulnerabilities was active during the last hour

• Limits the number of duplicate results

How should you complete the KQL query? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 22

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You use Azure Security Center.

You receive a security alert in Security Center.

You need to view recommendations to resolve the alert in Security Center.

Solution: From Regulatory compliance, you download the report.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 23

You have an Azure subscription that uses Microsoft Sentinel.

You need to create a custom report that will visualise sign-in information over time.

What should you create first?

Options:

A.

a workbook

B.

a hunting query

C.

a notebook

D.

a playbook

Question 24

You have an Azure subscription that uses Microsoft Sentinel and contains a user named User1.

You need to ensure that User1 can enable User and Entity Behavior Analytics (UEBA) for entity behavior in Azure AD The solution must use The principle of least privilege.

Which roles should you assign to Used? To answer select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Page: 6 / 13
Total 334 questions