What should you do when you create the rule?
You need to create the test rule to meet the Azure Sentinel requirements. What should you do when you create the rule?A . From Set rule logic, turn off suppression.B . From Analytics rule details, configure the tactics.C . From Set rule logic, map the entities.D . From Analytics rule...
The issue for which team can be resolved by using Microsoft Defender for Endpoint?
The issue for which team can be resolved by using Microsoft Defender for Endpoint?A . executiveB . salesC . marketingView AnswerAnswer: B Explanation: Explanation: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft- defender-atp-ios
What should you configure first?
You need to implement the Azure Information Protection requirements. What should you configure first?A . Device health and compliance reports settings in Microsoft Defender Security CenterB . scanner clusters in Azure Information Protection from the Azure portalC . content scan jobs in Azure Information Protection from the Azure portalD ....
What should you do?
HOTSPOT You need to create the analytics rule to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you include in the recommendation?
You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?A . just-in-time (JIT) accessB . Azure DefenderC . Azure FirewallD . Azure Application GatewayView AnswerAnswer: B Explanation: Explanation: https://docs.microsoft.com/en-us/azure/security-center/azure-defender
The issue for which team can be resolved by using Microsoft Defender for Office 365?
Topic 1, Contoso Ltd Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
Which role should you assign to SecAdmin1?
You have a Microsoft 365 subscription that uses Azure Defender. You have 100 virtual machines in a resource group named RG1. You assign the Security Admin roles to a new user named SecAdmin1. You need to ensure that SecAdmin1 can apply quick fixes to the virtual machines by using Azure...
Which three actions should you perform in sequence?
DRAG DROP You are informed of a new common vulnerabilities and exposures (CVE) vulnerability that affects your environment. You need to use Microsoft Defender Security Center to request remediation from the team responsible for the affected systems if there is a documented active exploit available. Which three actions should you...
Which role should you assign?
Topic 2, Litware inc. Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
How should you complete the query?
HOTSPOT You have a Microsoft 365 E5 subscription. You plan to perform cross-domain investigations by using Microsoft 365 Defender. You need to create an advanced hunting query to identify devices affected by a malicious email attachment. How should you complete the query? To answer, select the appropriate options in the...