What should you do?
HOTSPOT You need to configure the Azure Sentinel integration to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Reference: https://docs.microsoft.com/en-us/cloud-app-security/siem-sentinel
Which two roles should you assign to the analyst?
Your company deploys the following services:
✑ Microsoft Defender for Identity
✑ Microsoft Defender for Endpoint
✑ Microsoft Defender for Office 365
You need to provide a security analyst with the ability to use the Microsoft 365 security center. The analyst must be able to approve and reject pending actions...
What should you recommend for each threat?
HOTSPOT You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Reference: https://docs.microsoft.com/en-us/azure/key-vault/general/secure-your-key-vault
What should you configure first?
You need to implement the scheduled rule for incident generation based on rulequery1. What should you configure first?
A. entity mapping
B. custom details
C. event grouping
D. alert details
Answer: D
Which two actions should you perform in Azure Sentinel?
You are configuring Azure Sentinel. You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected. Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one...
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Azure Security Center. View the window You need to test LA1 in Security Center....
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...
Topic 4, Misc. Questions
Fabrikam, Inc. is a financial services company. The company has branch offices in New York, London, and Singapore. Fabrikam has remote users located across the globe. The remote users access company resources, including cloud resources, by using a VPN connection to a branch office. The network...
Which rule setting should you configure to meet the Microsoft Sentinel requirements?
Which rule setting should you configure to meet the Microsoft Sentinel requirements?
A. From Set rule logic, turn off suppression.
B. From Analytic rule details, configure the tactics.
C. From Set rule logic, map the entities.
D. From Analytic rule details, configure the severity.
Answer: C
What should you include in the recommendation?
Your company uses Azure Sentinel to manage alerts from more than 10,000 IoT devices. A security manager at the company reports that tracking security threats is increasingly difficult due to the large number of incidents. You need to recommend a solution to provide a custom visualization to simplify the investigation...