- All Exams Instant Download
What should you do first?
Topic 3, Misc. Questions You receive an alert from Azure Defender for Key Vault. You discover that the alert is generated from multiple suspicious IP addresses. You need to reduce the potential of Key Vault secrets being leaked while you investigate the issue. The solution must be implemented as soon...
You manage the security posture of an Azure subscription that contains two virtual machines name vm1 and vm2
HOTSPOT You manage the security posture of an Azure subscription that contains two virtual machines name vm1 and vm2. The secure score in Azure Security Center is shown in the Security Center exhibit. (Click the Security Center tab.) Azure Policy assignments are configured as shown in the Policies exhibit. (Click...
What should you do?
HOTSPOT You need to configure the Azure Sentinel integration to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer: Explanation: Graphical user interface, text, application Description automatically generated
What should you do?
HOTSPOT You need to create the analytics rule to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you include in the solution?
You need to remediate active attacks to meet the technical requirements. What should you include in the solution?A . Azure Automation runbooksB . Azure Logic AppsC . Azure Functions D Azure Sentinel livestreamsView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/automate-responses-with-playbooks
Which policy should you modify?
You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements . Which policy should you modify?A . Activity from suspicious IP addressesB . Activity from anonymous IP addressesC . Impossible travelD . Risky sign-inView AnswerAnswer: C Explanation: Reference: https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy
How should you complete the query?
HOTSPOT You need to create an advanced hunting query to investigate the executive team issue. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you recommend for each threat?
HOTSPOT You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you include in the query?
Topic 3, Misc. Questions You plan to create a custom Azure Sentinel query that will track anomalous Azure Active Directory (Azure AD) sign-in activity and present the activity as a time chart aggregated by day. You need to create a query that will be used to display the time chart....
Which policy should you modify?
You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements. Which policy should you modify?A . Activity from suspicious IP addressesB . Activity from anonymous IP addressesC . Impossible travelD . Risky sign-inView AnswerAnswer: C Explanation: Explanation: https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy
