Which two actions should you perform in Azure Sentinel?

SC-200 V2 0 Comments

Topic 3, Misc. Questions

You are configuring Azure Sentinel.

You need to send a Microsoft Teams message to a channel whenever an incident representing a sign-in risk event is activated in Azure Sentinel.

Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A . Enable Entity behavior analytics.
B. Associate a playbook to the analytics rule that triggered the incident.
C. Enable the Fusion rule.
D. Add a playbook.
E. Create a workbook.

Answer: A,B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/sentinel/enable-entity-behavior-analytics

https://docs.microsoft.com/en-us/azure/sentinel/automate-responses-with-playbooks

Latest SC-200 Dumps Valid Version with 75 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SC-200 PDF     SC-200 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments