- All Exams Instant Download
What should you include in the solution?
HOTSPOT You need to implement Microsoft Defender for Cloud to meet the Microsoft Defender for Cloud requirements and the business requirements. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
How should you configure the query?
HOTSPOT You need to implement the query for Workbook1 and Webapp1. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
How should you complete the query?
HOTSPOT You need to implement the Microsoft Sentinel NRT rule for monitoring the designated break glass account. The solution must meet the Microsoft Sentinel requirements. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View...
Which four actions should you perform in sequence?
DRAG DROP You need to configure DC1 to meet the business requirements. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. View AnswerAnswer: Explanation: Step 1: log in to...
From where can you run the test in Azure Sentinel?
You have an Azure Sentinel workspace. You need to test a playbook manually in the Azure portal. From where can you run the test in Azure Sentinel?A . PlaybooksB . AnalyticsC . Threat intelligenceD . IncidentsView AnswerAnswer: D Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook#run-a-playbook-on-demand
What should you configure to mitigate the threat?
You are responsible for responding to Azure Defender for Key Vault alerts. During an investigation of an alert, you discover unauthorized attempts to access a key vault from a Tor exit node. What should you configure to mitigate the threat?A . Key Vault firewalls and virtual networksB . Azure Active...
How should you configure the query?
HOTSPOT You need to implement the ASIM query for DNS requests. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
Which three actions should you perform in a sequence?
DRAG DROP You create a new Azure subscription and start collecting logs for Azure Monitor. You need to configure Azure Security Center to detect possible threats related to sign-ins from suspicious IP addresses to Azure virtual machines. The solution must validate the configuration. Which three actions should you perform in...
Which four actions should you perform in sequence?
DRAG DROP You open the Cloud App Security portal as shown in the following exhibit. You need to remediate the risk for the Launchpad app. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange...
You use Azure Sentinel to monitor irregular Azure activity
HOTSPOT You use Azure Sentinel to monitor irregular Azure activity. You create custom analytics rules to detect threats as shown in the following exhibit. You do NOT define any incident settings as part of the rule definition. Use the drop-down menus to select the answer choice that completes each statement...
