Which role should you assign to SecAdmin1?
You have a Microsoft 365 subscription that uses Azure Defender. You have 100 virtual machines in a resource group named RG1. You assign the Security Admin roles to a new user named SecAdmin1. You need to ensure that SecAdmin1 can apply quick fixes to the virtual machines by using Azure...
What should you include in the query?
You plan to create a custom Azure Sentinel query that will provide a visual representation of the security alerts generated by Azure Security Center. You need to create a query that will be used to display a bar graph . What should you include in the query?A . extendB ....
Which three actions should you perform?
Your company uses Microsoft Defender for Endpoint. The company has Microsoft Word documents that contain macros. The documents are used frequently on the devices of the company’s accounting team. You need to hide false positive in the Alerts queue, while maintaining the existing security posture . Which three actions should...
What should you include in the recommendation?
Your company uses Azure Sentinel to manage alerts from more than 10,000 IoT devices. A security manager at the company reports that tracking security threats is increasingly difficult due to the large number of incidents. You need to recommend a solution to provide a custom visualization to simplify the investigation...
What should you include in the recommendation?
Topic 1, Contoso Ltd Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
What should you configure first?
You need to implement the Azure Information Protection requirements . What should you configure first?A . Device health and compliance reports settings in Microsoft Defender Security CenterB . scanner clusters in Azure Information Protection from the Azure portalC . content scan jobs in Azure Information Protection from the Azure portalD...
The issue for which team can be resolved by using Microsoft Defender for Office 365?
The issue for which team can be resolved by using Microsoft Defender for Office 365?A . executiveB . marketingC . securityD . salesView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams? view=o365-worldwide
How should you complete the query?
HOTSPOT You need to create an advanced hunting query to investigate the executive team issue. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
Which role should you assign?
Topic 2, Litware inc. Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
What should you use?
You need to visualize Azure Sentinel data and enrich the data by using third-party data sources to identify indicators of compromise (IoC). What should you use?A . notebooks in Azure SentinelB . Microsoft Cloud App SecurityC . Azure MonitorD . hunting queries in Azure SentinelView AnswerAnswer: A Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/notebooks