SC-200 Microsoft Security Operations Analyst

Question 13 (New Update)

A company uses Azure Sentinel.

You need to create an automated threat response.

What should you use?

  • a data connector

  • a playbook

  • a workbook

  • a Microsoft incident creation rule

Question 14 (New Update)

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are configuring Azure Sentinel.

You need to create an incident in Azure Sentinel when a sign-in to an Azure virtual machine from a malicious IP address is detected.

Solution: You create a hunting bookmark.

Does this meet the goal?

  • Yes

  • No

Question 15 (New Update)

You have an Azure subscription that uses Microsoft Sentinel.

You detect a new threat by using a hunting query.

You need to ensure that Microsoft Sentinel automatically detects the threat. The solution must minimize administrative effort.

What should you do?

  • Create a playbook.

  • Create a watchlist.

  • Create an analytics rule.

  • Add the query to a workbook.