Which rule setting should you configure to meet the Microsoft Sentinel requirements?
Which rule setting should you configure to meet the Microsoft Sentinel requirements?
A. From Set rule logic, turn off suppression.
B. From Analytic rule details, configure the tactics.
C. From Set rule logic, map the entities.
D. From Analytic rule details, configure the severity.
Answer: C
What should you include in the recommendation?
Your company uses Azure Sentinel to manage alerts from more than 10,000 IoT devices. A security manager at the company reports that tracking security threats is increasingly difficult due to the large number of incidents. You need to recommend a solution to provide a custom visualization to simplify the investigation...
Which two configurations should you modify?
You need to restrict cloud apps running on CLIENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. the Onboarding settings from Device management in Microsoft Defender Security...
Which role should you assign to Group1?
You need to ensure that the Group1 members can meet the Microsoft Sentinel requirements. Which role should you assign to Group1?
A. Microsoft Sentinel Automation Contributor
B. Logic App Contributor
C. Automation Operator
D. Microsoft Sentinel Playbook Operator
Answer: D
What should you configure in Security Center to enable the email notifications?
Your company uses Azure Security Center and Azure Defender. The security operations team at the company informs you that it does NOT receive email notifications for security alerts. What should you configure in Security Center to enable the email notifications?
A. Security solutions
B. Security policy
C. Pricing & settings
D...
To which service should you export the alerts?
You have an Azure subscription that has Azure Defender enabled for all supported resource types. You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution. To which service should you export the alerts?
A. Azure Cosmos...
Which two actions should you perform in the Cloud App Security portal?
You need to configure Microsoft Cloud App Security to generate alerts and trigger remediation actions in response to external sharing of confidential files. Which two actions should you perform in the Cloud App Security portal? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one...
What should you do?
HOTSPOT
You need to configure the Microsoft Sentinel integration to meet the Microsoft Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
How should you complete the query?
HOTSPOT You have a Microsoft 365 E5 subscription. You plan to perform cross-domain investigations by using Microsoft 365 Defender. You need to create an advanced hunting query to identify devices affected by a malicious email attachment. How should you complete the query? To answer, select the appropriate options in the...
Which two actions should you perform?
You use Azure Sentinel. You need to receive an immediate alert whenever Azure Storage account keys are enumerated. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Create a livestream
B. Add a data connector
C. ...