Which two actions should you perform?

SC-200 V3 0 Comments

You have the following environment:

✑ Azure Sentinel

✑ A Microsoft 365 subscription

✑ Microsoft Defender for Identity

✑ An Azure Active Directory (Azure AD) tenant

You configure Azure Sentinel to collect security logs from all the Active Directory member

servers and domain controllers.

You deploy Microsoft Defender for Identity by using standalone sensors.

You need to ensure that you can detect when sensitive groups are modified in Active Directory.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A . Configure the Advanced Audit Policy Configuration settings for the domain controllers.
B. Modify the permissions of the Domain Controllers organizational unit (OU).
C. Configure auditing in the Microsoft 365 compliance center.
D. Configure Windows Event Forwarding on the domain controllers.

Answer: A,D

Explanation:

Reference:

https://docs.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection

https://docs.microsoft.com/en-us/defender-for-identity/configure-event-collection

Latest SC-200 Dumps Valid Version with 75 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SC-200 PDF     SC-200 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments